OnePlus 6 Security Flaw Lets Anyone Bypass Its Locked Bootloader, But A Fix Is On The Way
A security researcher discovered a vulnerability on the OnePlus 6 lets you bypass the phone’s locked bootloader with any modified boot image.
You need physical access to the phone to take advantage of the vulnerability.
OnePlus confirmed the vulnerability and said it will push out a software update to fix the issue.
According to Edge Security LLC president and XDA Developers forum member Jason Donenfeld, the OnePlus 6 features a vulnerability that let him bypass the locked bootloader with any modified boot image. Even weirder, Jason Donenfeld did not have to turn on USB debugging. That is usually a requirement when it comes to messing around with your smartphone.
Android Police verified the vulnerability and was able to boot TWRP on its bootloader-locked OnePlus 6.
It also noted that folks can modify a stock OnePlus 6 boot image to include root access and an insecure ADB, which would allow an attacker to gain full control of the device if they wanted to.
Fix On The Way For OnePlus 6 Bootloader Security Flaw
A security researcher has discovered a vulnerability in the OnePlus 6 bootloader. This flaw makes it possible for someone to boot arbitrary or modified images – even if the bootloader is locked
Exploiting the vulnerability requires someone to have physical access to the phone, and after this, it is a relatively simple task to restart the handset in fastboot mode. From here it would be possible to load a modified boot image, including one that has root access.
The discovery was made by Jason Donenfeld, president of Edge Security. He notes that if a boot image is modified with insecure ADB and ADB as root by default, it would be possible for an attacker to gain complete control over a handset. In a tweet, Edge Security showed off the vulnerability in action:
With no special requirements beyond having physical access to the device so it can be hooked up to a PC, is this something that OnePlus 6 owners should be worried about?
While there is certainly some cause for concern, OnePlus says it is working on plugging the security hole.
In a statement, the company says: We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly.