OxygenOS Bootloader Partial Ciphertext Dump Vulnerability

OxygenOS Bootloader Partial Ciphertext Dump Vulnerability

CVE-2017-5625 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot command.

Learn more about our Web Application Penetration Testing UK.