An independent security researcher has discovered a security flaw in the OnePlus 6 that exploits an issue in the bootloader to give a potential hacker access to your phone. Jason Donenfield of Edge Security LLC, a security firm based in the United States, has discovered a vulnerability on the OnePlus 6 that allows anyone with physical access to the phone and a PC to physically tether the device to boot a modified image that bypasses bootloader locking and protection measures, as reported by XDA Developers. Also Read - OnePlus Nord CE vs Redmi Note 10 Pro Max: Does 4G still outdo 5G at a lesser price?Also Read - OnePlus Nord CE 5G pre-orders in India begin: How to book the new OnePlus
The vulnerability will give an attacker with physical access to the device full control over it, if the boot image is modified with an insecure ADB, and ADB as root by default, as per the XDA Developers report. A key factor here is that the vulnerability can only be exploited if the user has the device present physically. Even with this condition though, the security flaw is quite serious for anyone that is concerned about the security of their smartphone data. Also Read - OnePlus TV U1S series with 4K UHD display, Dolby Audio launched in India starting at Rs 39,999
The security firm has reported the flaw to OnePlus, and the company has acknowledged the issue. OnePlus has also released a statement with regard to the issue: “We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly.”
The OnePlus 6 was launched last month, and is priced from Rs 34,999 in India. The phone is powered by the Qualcomm Snapdragon 845 SoC, and comes with up to 8GB of RAM and 256GB of internal storage. The device comes with OxygenOS, on top of Android 8.1 Oreo. OnePlus is known for issuing regular software and security updates to its devices, and it’s likely that a fix to this vulnerability will be rolled out soon.