OnePlus accused of leaving a backdoor to give root access

OnePlus accused of leaving a backdoor to give root access

Baptiste found that OnePlus was shipping devices with the Qualcomm EngineerMode app - which is used by device makers for testing and diagnostics - with its OxygenOS customised version of Google's Android operating system.

OnePlus smartphones including OnePlus 3, 3T and 5 can be rooted without unlocking the bootloader via EngineerMode APK app. The app has the ability to diagnose Global Positioning System, check root status and perform a series of tests.

While the vulnerability allows attackers to use the EngineerMode app to fully compromise devices, a mitigating factor is that local access to devices is needed - no remote exploit is available. Now, another potential threat has arisen on OnePlus devices as an app on several of the company's phones has been revealed to carry root access.

Kim Kardashian, Jennifer Lawrence and More Read Mean Tweets About Jimmy Kimmel
Affleck starred in the trailer as Muscle Man. "We were created by a weird, sad kid who grew to later become a weird, fat man". Of course, Matt Damon plays the villainous Doctor Bolt, adding to his longstanding feud with Kimmel .

After tearing apart the phone's library, he managed to obtain root access though bypassing the escalate and isEscalated methods in the DiagEnabled activity.

As the impending launch of the OnePlus 5T nears, the company has once again found itself the subject of controversy. The company already drew criticism earlier this year over its onerous data collection practices, in which the company sucked up sensitive data from user devices and transmitted that information with each device's serial number attached. According to Alderson, the app is installed on some of the OnePlus devices. After bringing it to attention, security outfit NowSecure reverse engineered it and found that it could easily be exploited with a simple ADB command to enable a backdoor into devices that have the application installed. But it also serves as a warning to OnePlus to be particularly careful with the software it leaves on its future phones after they roll off the production line.

Related Articles