Vulnerabilities found in OnePlus 3 and 3T bootloader
OnePlus devices are the holy grail for fans of unlocked phones, open for tinkering. But apparently OxygenOS versions were more open than they need to be.
A security researcher found out that OxygenOS 3.2 through 4.0.1 has a vulnerability that lets anyone with two native fastboot commands to disable the verified boot feature without actually unlocking the bootloader with the user-accessible command. This means a malicious code could be run without even resetting the user data.
OnePlus 3 was upgraded to 4.0.2 and the Shenzhen-based company says it patched the vulnerability. It also started handing out 4.0.3 to OnePlus 3T owners. It brings optimized exposure for night time photos and pre-installed Amazon Prime app for India users, along with various Wi-Fi fixes.
Related
Reader comments
- Ajay
- 14 Feb 2017
- KiF
Received 4.0.3 upgrades today here in Indonesia.
- Graves
- 13 Feb 2017
- vx6
I see you a lol player
- AnonD-644300
- 13 Feb 2017
- yZt
Moto z play is better alternative though.
Huawei
Samsung
Xiaomi
Apple
Xiaomi
