Skip to main content
CVE-2017-5624 CRITICAL POC Act Now

An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Privilege Escalation Oxygenos
NVD
CVSS 3.0
9.8
EPSS
1.8%
CVE-2017-5626 CRITICAL POC Act Now

OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Oxygenos
NVD
CVSS 3.0
9.8
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy