Vulnerability Details CVE-2017-5626
OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset. This allows for persistent code execution with high privileges (kernel/root) with complete access to user data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2017-5626
-
cpe:2.3:h:oneplus:oneplus_3:-
-
cpe:2.3:h:oneplus:oneplus_3t:-
-
cpe:2.3:o:oneplus:oxygenos:3.2.8
-
cpe:2.3:o:oneplus:oxygenos:3.5.4