Описание
An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download (EDL) mode through ADB or by using Volume-Up when connected to USB, which in turn could allow for downgrading partitions such as the Android Bootloader.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0 (включая)
Одновременно
cpe:2.3:o:oneplus:oxygenos:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:oneplus:oneplus_2:-:*:*:*:*:*:*:*
cpe:2.3:h:oneplus:oneplus_3:-:*:*:*:*:*:*:*
cpe:2.3:h:oneplus:oneplus_3t:-:*:*:*:*:*:*:*
cpe:2.3:h:oneplus:oneplus_5:-:*:*:*:*:*:*:*
cpe:2.3:h:oneplus:oneplus_one:-:*:*:*:*:*:*:*
cpe:2.3:h:oneplus:oneplus_x:-:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00139
Низкий
6.8 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.8
github
больше 3 лет назад
An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download (EDL) mode through ADB or by using Volume-Up when connected to USB, which in turn could allow for downgrading partitions such as the Android Bootloader.
EPSS
Процентиль: 34%
0.00139
Низкий
6.8 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
NVD-CWE-noinfo