ID

VAR-201701-0738


CVE

CVE-2017-5554


TITLE

OnePlus 3 and 3T OxygenOS ABOOT vulnerability that allows rebooting the device into fastboot mode without authentication

Trust: 0.8

sources: JVNDB: JVNDB-2017-001361

DESCRIPTION

An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. An attacker can reboot the device into fastboot mode without any authentication. A physical attacker can press the "Volume Up" button during device boot, while an attacker with ADB access can issue the adb reboot bootloader command. The attacker can then put the platform's SELinux in permissive mode, which severely weakens it, by issuing: fastboot oem selinux permissive. The OnePlus 3 and 3T are two smartphones from the company. The OnePlus 3 and 3T have a denial of service vulnerability. A remote attacker could exploit the vulnerability to restart the device, causing a denial of service. OnePlus 3 and 3T is prone to a local denial-of-service vulnerability.

Trust: 2.43

sources: NVD: CVE-2017-5554 // JVNDB: JVNDB-2017-001361 // CNVD: CNVD-2017-01097 // BID: 95706

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-01097

AFFECTED PRODUCTS

vendor: oneplus, model: 3t, scope: -, version: -

Trust: 1.7

vendor: oneplus, model: oxygenos, scope: lte, version: 3.5.4

Trust: 1.0

vendor: oneplus, model: oxygenos, scope: lte, version: 3.2.8

Trust: 1.0

vendor: oneplus, model: oxygenos, scope: eq, version: 4.0.1

Trust: 0.9

vendor: oneplus, model: oneplus, scope: eq, version: 3

Trust: 0.9

vendor: oneplus, model: 3, scope: -, version: -

Trust: 0.8

vendor: oneplus, model: oxygenos, scope: lt, version: 4.0.2

Trust: 0.8

vendor: oneplus, model: oxygenos, scope: eq, version: 3.2.8

Trust: 0.6

vendor: oneplus, model: oxygenos, scope: eq, version: 3.5.4

Trust: 0.6

vendor: oneplus, model: oxygenos, scope: ne, version: 4.0.2

Trust: 0.3

sources: CNVD: CNVD-2017-01097 // BID: 95706 // JVNDB: JVNDB-2017-001361 // CNNVD: CNNVD-201701-863 // NVD: CVE-2017-5554

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-5554
value: HIGH

Trust: 1.0

NVD: CVE-2017-5554
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-01097
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201701-863
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2017-5554
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-01097
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2017-5554
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-01097 // JVNDB: JVNDB-2017-001361 // CNNVD: CNNVD-201701-863 // NVD: CVE-2017-5554

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.0

problemtype:CWE-264

Trust: 0.8

sources: JVNDB: JVNDB-2017-001361 // NVD: CVE-2017-5554

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201701-863

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201701-863

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-001361

PATCH

title: Top Page, url: https://oneplus.net/

Trust: 0.8

title: Patch for OnePlus 3 and 3T Denial of Service Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/88796

Trust: 0.6

title: OnePlus 3 and 3T OxygenOS Fixes for permissions and access control vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67386

Trust: 0.6

sources: CNVD: CNVD-2017-01097 // JVNDB: JVNDB-2017-001361 // CNNVD: CNNVD-201701-863

EXTERNAL IDS

db: NVD, id: CVE-2017-5554

Trust: 3.3

db: BID, id: 95706

Trust: 2.5

db: JVNDB, id: JVNDB-2017-001361

Trust: 0.8

db: CNVD, id: CNVD-2017-01097

Trust: 0.6

db: CNNVD, id: CNNVD-201701-863

Trust: 0.6

sources: CNVD: CNVD-2017-01097 // BID: 95706 // JVNDB: JVNDB-2017-001361 // CNNVD: CNNVD-201701-863 // NVD: CVE-2017-5554

REFERENCES

url:https://securityresear.ch/2017/01/11/fastboot-oem-selinux-permissive/

Trust: 2.4

url:http://www.securityfocus.com/bid/95706

Trust: 2.2

url:https://www.xda-developers.com/oneplus-33t-bootloader-vulnerability-allows-changing-of-selinux-to-permissive-mode-in-fastboot/

Trust: 1.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5554

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5554

Trust: 0.8

url:https://oneplusstore.in/

Trust: 0.3

url:https://exchange.xforce.ibmcloud.com/collection/oneplus-3-fastboot-oem-selinux-permissive-vulnerability-d38d8557f1a01570539151c782d52aaf

Trust: 0.3

sources: CNVD: CNVD-2017-01097 // BID: 95706 // JVNDB: JVNDB-2017-001361 // CNNVD: CNNVD-201701-863 // NVD: CVE-2017-5554

CREDITS

Roee Hay of the IBM X-Force Application Security Research Team.

Trust: 0.3

sources: BID: 95706

SOURCES

db: CNVD, id: CNVD-2017-01097
db: BID, id: 95706
db: JVNDB, id: JVNDB-2017-001361
db: CNNVD, id: CNNVD-201701-863
db: NVD, id: CVE-2017-5554

LAST UPDATE DATE

2025-04-20T23:27:29.113000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2017-01097, date: 2017-02-08T00:00:00
db: BID, id: 95706, date: 2017-02-02T00:01:00
db: JVNDB, id: JVNDB-2017-001361, date: 2017-02-06T00:00:00
db: CNNVD, id: CNNVD-201701-863, date: 2019-10-23T00:00:00
db: NVD, id: CVE-2017-5554, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2017-01097, date: 2017-02-08T00:00:00
db: BID, id: 95706, date: 2017-01-23T00:00:00
db: JVNDB, id: JVNDB-2017-001361, date: 2017-02-06T00:00:00
db: CNNVD, id: CNNVD-201701-863, date: 2017-01-23T00:00:00
db: NVD, id: CVE-2017-5554, date: 2017-01-23T07:59:00.627