Vulnerability Description
An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. The attacker can reboot the device into the fastboot mode, which could be done without any authentication. A physical attacker can press the "Volume Up" button during device boot, where an attacker with ADB access can issue the adb reboot bootloader command. Then, the attacker can put the platform's SELinux in permissive mode, which severely weakens it, by issuing: fastboot oem selinux permissive.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oneplus | Oxygenos | <= 3.2.8 |
| Oneplus | Oneplus 3 | - |
| Oneplus | Oneplus 3T | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/95706Third Party AdvisoryVDB Entry
- https://securityresear.ch/2017/01/11/fastboot-oem-selinux-permissive/Third Party Advisory
- https://www.xda-developers.com/oneplus-33t-bootloader-vulnerability-allows-changThird Party Advisory
- http://www.securityfocus.com/bid/95706Third Party AdvisoryVDB Entry
- https://securityresear.ch/2017/01/11/fastboot-oem-selinux-permissive/Third Party Advisory
- https://www.xda-developers.com/oneplus-33t-bootloader-vulnerability-allows-changThird Party Advisory
FAQ
What is CVE-2017-5554?
CVE-2017-5554 is a vulnerability with a CVSS score of 8.1 (HIGH). An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. The attacker can reboot the device into the fastboot mode, which could be done without any authentication. A physical attack...
How severe is CVE-2017-5554?
CVE-2017-5554 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-5554?
Check the references section above for vendor advisories and patch information. Affected products include: Oneplus Oxygenos, Oneplus Oneplus 3, Oneplus Oneplus 3T.