OnePlus, the Chinese smartphone maker lately rolled out its flagship handset OnePlus 6 and since its roll out the handset has been in headlines for some problem or the other. Now a security scientist has found a new security error in the handset. The problem found is with the bootloader and it will offer authorization of the entire phone to the attackers.
The US-based Edge Security LLC’s Jason Donenfield has discovered out the vulnerability on OnePlus 6 that will allow anybody with physical authorization to the handset and a PC to physically secure the handset. As claimed by XDA, “If the boot picture is changed with ADB as root by default and unsafe ADB, then a hacker with physical authorization will have entire control over the handset.”
The main issue here is that the weakness can be used if the consumer has the device actually present with them. In spite of this, it is a quite serious safety error as consumers are very much worried about their private information amassed on a handset.
The security company has claimed the error to OnePlus, which has acknowledged the problem. OnePlus has also issued an official statement claiming, “We take safety seriously at OnePlus. We are contacting the security scientist, and a software revamp will be launching soon.”
To recall, the OnePlus 6 was rolled out last month in India with an introductory price of Rs 34,999. The handset is fueled by Qualcomm Snapdragon 845 chipset and operates on Android 8.0 Oreo OS. The firm has also disclosed that the OnePlus 6 will also get Android P upgrade. The handset arrives with 64 GB/128 GB of internal memory and 6 GB/8 GB of RAM. In addition to this, the handset supports fast charging and has a bezel-less display, similar to that of iPhone X.