Vulnerability Details CVE-2017-5625
In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.4%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
Products affected by CVE-2017-5625
-
cpe:2.3:h:oneplus:oneplus_3:-
-
cpe:2.3:h:oneplus:oneplus_3t:-
-
cpe:2.3:o:oneplus:oxygenos:3.2.8
-
cpe:2.3:o:oneplus:oxygenos:3.5.4
-
cpe:2.3:o:oneplus:oxygenos:4.0.2