OnePlus 6 bootloader flaw, allows full control of the phone | Tech-News | Priyank Gada



♦ Chat with me by clicking on this link – https://wa.me/917977764430?text=Notifications%20Activate

Udemy – [Hindi] Build 10 Python Web Apps and Learn Python 3 basics – https://goo.gl/Lk5Rt5 ( Please buy and support the channel )

♦ Summary
As per XDA ( XDA developers ) the OnePlus 6 bootloader has a loophole that allows an attacker to boot any modified image thus rendering the bootloader useless.

OnePlus 6 Security Issue
Basically, it allows attackers to bypass the locked bootloader and install modified images without actually unlocking the bootloader. In theory, it will grant the attacker complete control of the device. In simple terms, flashing and other modifications are possible without unlocking the bootloader.

The worst part is, attacker, doesn’t need to enable USB Debugging mode to do this. Luckily it requires physical custody of the device as well as PC connectivity thus making it hard for the attacker to perform the attack. The vulnerability was found by Edge Security LLC’s president Jason Donenfeld who is also a recognized XDA Developer. Folks at Android Police were also able to achieve root access by exploiting the same flaw.

It’s a big problem and thus OnePlus has acknowledged the issue and has issued a speedy statement as below

“We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly.” – OnePlus Spokesperson

In a similar story from the past year, the OnePlus 3T, and OnePlus 5 were found to have an app that allowed root access without unlocking the bootloader. OnePlus resolved that issue via an OTA update but received hate from the global community.

Source – https://www.xda-developers.com/oneplus-6-bootloader-protection-exploit-physical-access/
Edge Security Tweet – https://twitter.com/EdgeSecurity/status/1005461966863917056

♦ Metasploit – Hack any machine using Metasploit full course free – https://goo.gl/YuxaER

♦ Legit Hacking – How hackers use hacking in real life Full Course free – https://goo.gl/aMiZnM

♦ Android Penetration Testing with Python Full course free – https://goo.gl/jsns4h

♦ Ethical Hacking and Penetration Testing Full Course free – https://goo.gl/gJK9WX

♦ Python From Scratch for Beginners Full Course Free – https://goo.gl/CdlTq5

♦ Python For Penetration Testing Full Course free – https://goo.gl/jIuFFt

♦ Record Shopee – +919820449999

♦ Merchandise – https://amzn.to/2Hq5pPD

♦ Ask me questions ! I will answer them in weekly QnA Videos – https://goo.gl/vfJW4V

♦ Hindi Channel – https://goo.gl/X6N76B

♦ Subscribe to My Youtube Channel: https://goo.gl/cofDac

♦ Priyank Gada – Learn Anything Android App – https://goo.gl/8ktQH3

=================Social=================

♦ Facebook : www.facebook.com/webmaster.pg
♦ Twitter : www.twitter.com/webmaster_pg
♦ Youtube : www.youtube.com/priyankgada
♦ Instagram : www.instagram.com/gada.priyank
♦ Blog : www.priyankgada.blogspot.in
♦ Github : www.github.com/priyankgada

=================Credits=================
All rights reserved . Contact before using the videos.

Sound : ProleteR
Website – NCS – nocopyrightsounds.co.uk
Sound Cloud – https://goo.gl/ZJ88OI
Facebook – https://goo.gl/eMoCZH
Youtube Channel – https://goo.gl/iEWG5P
Website – https://www.priyankgada.com

[Illumination Production House]

===========Tags ============
Bootloader, OnePlus, OnePlus 6, Tech-News

source

2 thoughts on “OnePlus 6 bootloader flaw, allows full control of the phone | Tech-News | Priyank Gada

Comments are closed.