• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Bootloader vulnerability in OnePlus 6 lets an attacker take control of the device

June 11th, 2018 Waqas Security 0 comments
Bootloader vulnerability in OnePlus 6 lets an attacker take control of the device
Share on FacebookShare on Twitter

An IT security researcher has discovered a critical vulnerability in OnePlus 6 smartphones which if exploited can allow an attacker to boot any modified image even when the bootloader is locked – This means the attacker can have full access to OnePlus 6 device without digging any further.

The vulnerability was identified by Jason Donenfeld, a security researcher from Edge Security (zx2c4 on XDA) who stated that the aforementioned scenario is only possible if the attacker has physical access to OnePlus 6 device. Moreover, it requires a computer and USB cable – This means it is nearly impossible for a third-party to mess around with your OnePlus 6 smartphone.

See: OnePlus website hacked; credit card data of 40,000 users stolen

OnePlus, on the other hand, has acknowledged the issue and vows to issue a software update in the coming days. “We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly,” said the company.

The #OnePlus6 allows booting arbitrary images with `fastboot boot image.img`, even when the bootloader is completely locked and in secure mode. pic.twitter.com/MaP0bgEXXd

— Edge Security (@EdgeSecurity) June 9, 2018

OnePlus 6 was released a few weeks ago therefore if you own the device keep an eye on the update released by the company, meanwhile, do not leave your device unattended.

Lately, several OnePlus devices have been making headlines for built-in security flaws. Previously, a OnePlus 5 (OP5) user shared a video showing how his device rebooted whenever he dialed 911. In another incident, a security researcher discovered how OnePlus 5, 3 and 3T devices contained a pre-installed backdoor that was collecting user’s personal data.

  • Tags
  • hacking
  • internet
  • OnePlus
  • security
  • Smartphone
  • Technology
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article Bitcoin falls after Korean exchange loses $40M following hack attack
Next article Meet Summit, world's fastest AI-powered supercomputer
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

47
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

85
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

107

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us