OnePlus devices, like most of the Android devices have been plagued by some sort of critical vulnerabilities over the past years. If you recall, the well-known “backdoor” vulnerability featuring the Engineering Mode app as the culprit on OnePlus 5T and its predecessors have deployed much concern regarding the security of Android devices as whole. Looks like, the latest OnePlus flagship, OnePlus 6 is also not at all devoid of such vulnerabilities.
— Edge Security (@EdgeSecurity) June 9, 2018
Jason Donenfeld, president of Edge Security LLC cum a recognized developer at XDA with pseudo-name zx2c4, has discovered a vulnerability that lets an attacker flash an arbitrary modified image on even bootloader locked OnePlus 6 units. The attacker only needs the physical access of your device in order to bypass the bootloader protection measures.
Unlike the aforementioned backdoor vulnerability which requires the user to have USB Debugging already enabled to initiate the attack, in this case it’s not needed. Literally, making the situation more alarming as the attacker can grab the full access of any OnePlus 6, no matter whether secure lock is enabled or disabled on the device.
As you can see, here the bootloader is not performing the job what it’s actually meant for. That is, to prevent the unsigned or unauthorized images to be flashed onto the system. There are even reports that, TWRP can be flashed on OnePlus 6 without unlocking the bootloader and that, in deed, is the proof of this flaw.
Since the issue has now become wide-spread and presumably hot talk of the tech-town. OnePlus is now live apparently acknowledging the issue. In a statement given to the users, OnePlus has ensured to roll-out an update soon to uproot the vulnerability from the device.
We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly.” – OnePlus spokesperson