NVD

Id
85940  
Name
CVE-2017-5948  
Description
An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnerable to downgrade attacks. This is due to a lenient 'updater-script' in OTAs that does not check that the current version is lower than or equal to the given image's. Downgrades can occur even on locked bootloaders and without triggering a factory reset, allowing for exploitation of now-patched vulnerabilities with access to user data. This vulnerability can be exploited by a Man-in-the-Middle (MiTM) attacker targeting the update process. This is possible because the update transaction does not occur over TLS (CVE-2016-10370). In addition, a physical attacker can reboot the phone into recovery, and then use 'adb sideload' to push the OTA (on OnePlus 3/3T 'Secure Start-up' must be off).  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-05-27  
Published
2017-05-11  
Modified Date
2017-05-19  
Seq
2017-5948  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67765 JVNDB-2017-004054 複数の OnePlus One デバイスにおけるアクセス制御に関する脆弱性 OnePlus One、X、2、3、および 3T デバイスには、アクセス制御に関する脆弱性が存在します。 CVE-2017-5948 0 CVE-2017-5948 85940 4.3 5.9 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004054.html 2017-05-11 2017-06-15 View