Update | Security vulnerability discovered in the new OnePlus 6

A fatal vulnerability has been discovered on the new OnePlus 6, one that allows the flashing of unsigned boot images on the device even when the bootloader is locked.

Ricci Rox, Published 06/16/2018

Update: As promised, OnePlus has released an update addressing the bootloader vulnerability. It comes as the OxygenOS 5.1.7 update and is available to all—bar users in India who'll have to wait for the 5.1.8 update.

Original Article

OnePlus released the OnePlus 6 last month, and while the device has received mixed reviews, it’s still considered one of the best value flagships on the market. In typical fashion, however, the OnePlus 6 comes with a flaw. Wouldn’t be much of a OnePlus device if it didn’t, in fact.

A new report by XDA has discovered that the OnePlus 6 allows the flashing of unverified boot images, even when the device’s bootloader is locked. Android bootloaders are supposed to prevent the flashing of unsigned images, so it’s a tad confusing how OnePlus let something so basic get past them. Of course, the same company released the OnePlus 5 with an inverted display panel last year, so this may as well be about par.

The vulnerability means that users of the OnePlus 6 don’t have to unlock their bootloaders before tinkering with their devices. On the flip side, it also means that unsavory individuals can just wipe and install whatever image they fancy if they get their hands on a OnePlus 6. The whole process, of course, requires physical access to the device and a computer from which to run the needed commands.

OnePlus has acknowledged the issue and stated that it is working on a security update that closes off the loophole.

Source(s)

XDA-Developers

Dell has really dropped the ball here. (Image source: Dell)

Dell laptops confirmed to be affected by serious SupportAssist security flaw 05/03/2019

The Limited Edition OnePlus 6 Red is coming July 10. (Source: OnePlus)

Limited Edition OnePlus 6 Red coming July 10 07/02/2018

New update affects the OnePlus 6's battery performance, and not in a good way 06/25/2018

OnePlus is apparently offering separate cashback vouchers of varying amounts instead of a single voucher. (Source: PiunikaWeb)

OnePlus 6 trade-in program throws up an unpleasant surprise 06/20/2018

The OnePlus 6 sold more than one million phones in its first 22 days on the market 06/15/2018

OnePlus 6 facial recognition being tricked using a photo (Source: rik)

Farce ID: The OnePlus 6 flagship fell for a photo 05/30/2018

Image: OnePlus (w/ edits by article author)

Up to 40,000 OnePlus customers may have had their credit card information stolen 01/19/2018

OnePlus caught swiping user data again, only this time also sending it to China-controlled servers 01/11/2018

A more fitting name if this trend of fails continues. (Source: CHEIL India)

OnePlus is collecting user data without permission, and you should be scared 10/10/2017

Soon OnePlus 5 owners will be able to dial these three numbers without worrying if their phone will reboot. (Source: Own)

OnePlus 5 OTA update for the emergency call bug expected soon 07/21/2017

The OnePlus 5 has had a bug-filled launch. (Source: OnePlus)

Some users report OnePlus 5 crashes when dialing 911 07/18/2017

The OnePlus series has always had the ethos of flagship performance at mid-tier prices. (Source: The Verge)

OnePlus 5 caught gaming benchmarks (again) 06/21/2017

The OnePlus 3T has been found to have cheated on benchmarking tools like AnTuTu. (Source: Phone Arena)

OnePlus and Meizu caught cheating on benchmarks 02/01/2017

Loading Comments

Comment on this article

LG's new Q7 devices go on sale in K...

Android One Mi A2 spotted online, S...

Ricci Rox - Senior Tech Writer - 2735 articles published on Notebookcheck since 2017

I like tech, simple as. Half the time, you can catch me writing snarky sales copy. The rest of the time, I'm either keeping readers abreast with the latest happenings in the mobile tech world or watching football. I worked as both a journo and freelance content writer for a couple of years before joining the Notebookcheck team in 2017. Feel free to shoot me some questions on Twitter or Reddit if it so tickles thine fancy.

contact me via: @riccirox, LinkedIn

Please share our article, every link counts!

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2018 06 > Security vulnerability discovered in the new OnePlus 6

Ricci Rox, 2018-06-16 (Update: 2018-06-16)

Update | Security vulnerability discovered in the new OnePlus 6

Source(s)

Related Articles