123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Technology,-Gadget-and-Science >> View Article

Vulnerabilities In Oneplus Devices

Profile Picture
By Author: Wisemonkeys
Total Articles: 277
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

A shockingly bad news have been emerged for the OnePlus lovers. On January 26, 2017, a security researcher, “ Roee Hay of Aleph Research “ had discovered four vulnerabilities that affect all OnePlus handsets, including One, X, 2, 3 and 3T. Roee and his team notified OnePlus team about four different vulnerabilities that they felt needed to be patched. Two of these have been marked as critical (CVE-2017–5948 & CVE-2017–8850) while the other two had their severity marked as high (CVE-2017–8851 & CVE-2016–10370). The team reported these to OnePlus in a responsible manner and with that came a 90-day disclosure deadline. Aleph Research went as far as to even extend this by 14 days, but they are still left unpatched. However, when OnePlus failed to release patches for the issues even after 90 days of responsible disclosure, and 14 days of additional ultimatum, the researcher decided to go public with the details of the vulnerabilities. One of the unpatched vulnerabilities allows Man-in-the-Middle (MitM) attack against OnePlus device users, allowing a remote attacker to downgrade the device’s operating system ...
... to an older version, which could then expand the attack surface for exploitation of previously disclosed now-patched vulnerabilities. Let’s see what those vulnerabilities are:

OnePlus OTA Lack Of TLS Vulnerability: CVE-2016–10370.
Roee Hay have claimed that OnePlus is rolling OS and security update over an unencrypted channel. According to them, OnePlus delivers OTA (over-the-air) updates over HTTP (Hypertext Transfer Protocol) without TLS (Transport Layer Security), enabling many to perform MitM attack on the devices.

2. OnePlus OTA Downgrade Vulnerability: CVE-2017–5948

This flaw allows a remote attacker to downgrade the operating system of a targeted OnePlus device, either running on OxygenOS or HydrogenOS, to an earlier version that may contain vulnerabilities disclosed previously. Since all the OnePlus OTAs of different ROMs and products are signed by the same digital key, the device will accept and install any OTA image, even if the bootloader is locked.

Security Researcher demonstrates how we can exploit CVE-2017–5948 & CVE-2016–10370 in order to downgrade OxygenOS from 4.1.3 to 4.0.0 via MiTM.

3. Same Product ROM Crossover (CVE-2017–8850).

This flaw allows a remote attacker to replace any version of OxygenOS on a targeted OnePlus device with any version of HydrogenOS, even on locked bootloaders. This attack is possible because of the fact that both ROMs use the same OTA verification keys.

4. Different Product ROM Crossover (CVE-2017–8851).

This flaw, which only affects OnePlus X and OnePlus One, is practically same as the above two, but in this case, a remote MiTM attacker can even replace the OS (Oxygen/Hydrogen) designed for OnePlus X with the OS (Oxygen/Hydrogen) designed for OnePlus One, even on locked bootloaders. This is because both the devices use the same OTA verification keys and share the same ro.build.product system property.

“That could theoretically allow for exploitation of vulnerabilities patched on one image but not on the other, in addition to the expansion of the attack surface,” Hay says. “Moreover, the vulnerability may result in having the device unusable until a Factory Reset is performed.”
All this flaws are still unpatched as on September 2017 despite of the fact that the researchers reported to the OnePlus team in January 2017 and then made it public in May 2017. ADVICE: I would Suggest Oneplus users to avoid connecting to untrusted networks or public Wi-Fi networks as exploitation requires the attacker and the targeted device to be on the same network Source: Aleph Security Found it Interesting? Follow Me Here : Taha Chatriwala Stay Secure ! Stay Happy !!

Wisemonkeys(https://wisemonkeys.info/), is an LMS platform with unique features like “Ask a question” and get it answers by experts within no time . It’s a mass initiative to spread knowledge worldwide, truly believe in “When we know knowledge is free then why not spread it.” From various sectors to industries, write your heart out and get noticed.

Explore Wisemonkeys now.(https://me.wisemonkeys.info/login)

For the Monkeys | By the Monkeys.

Total Views: 342Word Count: 642See All articles From Author

Add Comment

Technology, Gadget and Science Articles

1. How Modern Manufacturers Use Omnichannel Ticketing To Reduce Downtime
Author: Hodusoft

2. Odoo Implementation Strategy: Step-by-step Guide For Success
Author: Alex Forsyth

3. Dynamic Food Delivery Pricing Via Menu Scraping
Author: Real Data API

4. Leverage Naver Cosmetic Product Price Data Scraping
Author: Den Rediant

5. Will Milady Meme Coin Price Prediction 2025 Deliver Millionaire Returns?
Author: Hannah

6. Leverage Ai Return Prevention Technique To Boost Peak Season & Holiday Sales
Author: Warren

7. Price Monitoring Vs Price Intelligence For Us Ecommerce Retailers
Author: Den Rediant

8. Monthly Real Estate Trends From Rera Scraping – New Delhi
Author: Actowiz Solutions

9. Bedside Ultrasound Market Insights And Growth Opportunities
Author: Shreya

10. The Role Of Web Development In Enhancing User Experience (ux) And Engagement
Author: michaeljohnson

11. Online Product Data Scraping From Tesco Uk: Key Benefits And Insights
Author: Den Rediant

12. States And Props In React
Author: jatin

13. The Hidden Costs In The Development Cost Of Ai Agent You Must Know
Author: michaeljohnson

14. Cold Chain Equipment Forecast 2032 – Regional Shares, Cagr Differences & Post-covid Impact
Author: Suvarna

15. Weekly Fuel Cost Tracker For Germany, France, Italy
Author: Actowiz Solutions

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: