VAR-201703-0732
Vulnerability from variot - Updated: 2023-12-26 23:15With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnerabilities and/or exfiltrate sensitive information. OxygenOS Contains an access control vulnerability.Information may be obtained and information may be altered. OnePlus3 and 3T are the smartphones of OnePlus. OxygenOS is its own operating system. There is a security bypass vulnerability in OxygenOS in OnePlus3 and 3T. OnePlus OxygenOS is prone to a local code-execution vulnerability. A local attacker can leverage this issue to execute arbitrary code in the context of affected application. Failed attempts may lead to denial-of-service conditions. Versions prior to OnePlus OxygenOS 4.0.3 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0732",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oxygenos",
"scope": "lt",
"trust": 1.4,
"vendor": "oneplus",
"version": "4.0.3"
},
{
"model": "3t",
"scope": null,
"trust": 1.1,
"vendor": "oneplus",
"version": null
},
{
"model": "oxygenos",
"scope": "lte",
"trust": 1.0,
"vendor": "oneplus",
"version": "4.0.2"
},
{
"model": "oxygenos",
"scope": "eq",
"trust": 0.9,
"vendor": "oneplus",
"version": "4.0.2"
},
{
"model": "3",
"scope": null,
"trust": 0.8,
"vendor": "oneplus",
"version": null
},
{
"model": "oxygenos",
"scope": "eq",
"trust": 0.3,
"vendor": "oneplus",
"version": "4.0.1"
},
{
"model": "oneplus",
"scope": "eq",
"trust": 0.3,
"vendor": "oneplus",
"version": "3"
},
{
"model": "oxygenos",
"scope": "ne",
"trust": 0.3,
"vendor": "oneplus",
"version": "4.0.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "BID",
"id": "97092"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oneplus:oxygenos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:oneplus:oneplus_3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:oneplus:oneplus_3t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5622"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roee Hay (@roeehay) of Aleph Research, HCL Technologies.",
"sources": [
{
"db": "BID",
"id": "97092"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-5622",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-05363",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5622",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5622",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-05363",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1094",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-5622",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnerabilities and/or exfiltrate sensitive information. OxygenOS Contains an access control vulnerability.Information may be obtained and information may be altered. OnePlus3 and 3T are the smartphones of OnePlus. OxygenOS is its own operating system. There is a security bypass vulnerability in OxygenOS in OnePlus3 and 3T. OnePlus OxygenOS is prone to a local code-execution vulnerability. \nA local attacker can leverage this issue to execute arbitrary code in the context of affected application. Failed attempts may lead to denial-of-service conditions. \nVersions prior to OnePlus OxygenOS 4.0.3 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "BID",
"id": "97092"
},
{
"db": "VULMON",
"id": "CVE-2017-5622"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5622",
"trust": 3.4
},
{
"db": "BID",
"id": "97092",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-05363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-5622",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"db": "BID",
"id": "97092"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"id": "VAR-201703-0732",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
}
]
},
"last_update_date": "2023-12-26T23:15:59.937000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://oneplus.net/"
},
{
"title": "OnePlus3 and 3TOxygenOS security bypass vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/92318"
},
{
"title": "OnePlus 3 and 3T OxygenOS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68756"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-276",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "NVD",
"id": "CVE-2017-5622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://alephsecurity.com/vulns/aleph-2017004"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/97092"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5622"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5622"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/97092/info"
},
{
"trust": 0.3,
"url": "https://alephsecurity.com/2017/03/26/oneplus3t-adb-charger/"
},
{
"trust": 0.3,
"url": "https://forums.oneplus.net/threads/oxygenos-4-0-3-n-ota-for-oneplus-3.497080/"
},
{
"trust": 0.3,
"url": "https://oneplusstore.in/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"db": "BID",
"id": "97092"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"db": "BID",
"id": "97092"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"date": "2017-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"date": "2017-02-09T00:00:00",
"db": "BID",
"id": "97092"
},
{
"date": "2017-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"date": "2017-03-26T20:59:00.160000",
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"date": "2017-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05363"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5622"
},
{
"date": "2017-03-29T00:02:00",
"db": "BID",
"id": "97092"
},
{
"date": "2017-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002681"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-5622"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "97092"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OxygenOS Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002681"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1094"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…