Details of VAR-201703-0732

ID

VAR-201703-0732

CVE

CVE-2017-5622

TITLE

OxygenOS Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-002681

DESCRIPTION

With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnerabilities and/or exfiltrate sensitive information. OxygenOS Contains an access control vulnerability.Information may be obtained and information may be altered. OnePlus3 and 3T are the smartphones of OnePlus. OxygenOS is its own operating system. There is a security bypass vulnerability in OxygenOS in OnePlus3 and 3T. OnePlus OxygenOS is prone to a local code-execution vulnerability. A local attacker can leverage this issue to execute arbitrary code in the context of affected application. Failed attempts may lead to denial-of-service conditions. Versions prior to OnePlus OxygenOS 4.0.3 are vulnerable

Trust: 2.52

sources: NVD: CVE-2017-5622 // JVNDB: JVNDB-2017-002681 // CNVD: CNVD-2017-05363 // BID: 97092 // VULMON: CVE-2017-5622

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-05363

AFFECTED PRODUCTS

vendor:	oneplus	model:	oxygenos	scope:	lt	version:	4.0.3	Trust: 1.4
vendor:	oneplus	model:	3t	scope:	-	version:	-	Trust: 1.1
vendor:	oneplus	model:	oxygenos	scope:	lte	version:	4.0.2	Trust: 1.0
vendor:	oneplus	model:	oxygenos	scope:	eq	version:	4.0.2	Trust: 0.9
vendor:	oneplus	model:	3	scope:	-	version:	-	Trust: 0.8
vendor:	oneplus	model:	oxygenos	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	oneplus	model:	oneplus	scope:	eq	version:	3	Trust: 0.3
vendor:	oneplus	model:	oxygenos	scope:	ne	version:	4.0.3	Trust: 0.3

sources: CNVD: CNVD-2017-05363 // BID: 97092 // JVNDB: JVNDB-2017-002681 // NVD: CVE-2017-5622 // CNNVD: CNNVD-201703-1094

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-5622
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2017-05363
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-201703-1094
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2017-5622
value:	LOW
Trust: 0.1

NVD:
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-5622
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9
CNVD:	CNVD-2017-05363
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

NVD:
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	0.7
impactScore:	5.2
version:	3.0
Trust: 1.0
NVD:	CVE-2017-5622
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-05363 // VULMON: CVE-2017-5622 // JVNDB: JVNDB-2017-002681 // NVD: CVE-2017-5622 // CNNVD: CNNVD-201703-1094

PROBLEMTYPE DATA

problemtype:	CWE-276	Trust: 1.0
problemtype:	CWE-284	Trust: 0.8

sources: JVNDB: JVNDB-2017-002681 // NVD: CVE-2017-5622

THREAT TYPE

local

Trust: 0.9

sources: BID: 97092 // CNNVD: CNNVD-201703-1094

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201703-1094

CONFIGURATIONS

sources: NVD: CVE-2017-5622

PATCH

title:	Top Page	url:	https://oneplus.net/	Trust: 0.8
title:	OnePlus3 and 3TOxygenOS security bypass vulnerability patches	url:	https://www.cnvd.org.cn/patchinfo/show/92318	Trust: 0.6
title:	OnePlus 3 and 3T OxygenOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68756	Trust: 0.6
title:	Awesome CVE PoC	url:	https://github.com/lnick2023/nicenice	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/qazbnm456/awesome-cve-poc	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/xbl3/awesome-cve-poc_qazbnm456	Trust: 0.1

sources: CNVD: CNVD-2017-05363 // VULMON: CVE-2017-5622 // JVNDB: JVNDB-2017-002681 // CNNVD: CNNVD-201703-1094

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5622	Trust: 3.4
db:	BID	id:	97092	Trust: 2.6
db:	JVNDB	id:	JVNDB-2017-002681	Trust: 0.8
db:	CNVD	id:	CNVD-2017-05363	Trust: 0.6
db:	CNNVD	id:	CNNVD-201703-1094	Trust: 0.6
db:	VULMON	id:	CVE-2017-5622	Trust: 0.1

sources: CNVD: CNVD-2017-05363 // VULMON: CVE-2017-5622 // BID: 97092 // JVNDB: JVNDB-2017-002681 // NVD: CVE-2017-5622 // CNNVD: CNNVD-201703-1094

REFERENCES

url:	https://alephsecurity.com/vulns/aleph-2017004	Trust: 3.4
url:	http://www.securityfocus.com/bid/97092	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-5622	Trust: 1.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5622	Trust: 0.8
url:	http://www.securityfocus.com/bid/97092/info	Trust: 0.6
url:	https://alephsecurity.com/2017/03/26/oneplus3t-adb-charger/	Trust: 0.3
url:	https://forums.oneplus.net/threads/oxygenos-4-0-3-n-ota-for-oneplus-3.497080/	Trust: 0.3
url:	https://oneplusstore.in/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/276.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/lnick2023/nicenice	Trust: 0.1
url:	https://github.com/qazbnm456/awesome-cve-poc	Trust: 0.1

sources: CNVD: CNVD-2017-05363 // VULMON: CVE-2017-5622 // BID: 97092 // JVNDB: JVNDB-2017-002681 // NVD: CVE-2017-5622 // CNNVD: CNNVD-201703-1094

CREDITS

Roee Hay (@roeehay) of Aleph Research, HCL Technologies.

Trust: 0.3

sources: BID: 97092

SOURCES

db:	CNVD	id:	CNVD-2017-05363
db:	VULMON	id:	CVE-2017-5622
db:	BID	id:	97092
db:	JVNDB	id:	JVNDB-2017-002681
db:	NVD	id:	CVE-2017-5622
db:	CNNVD	id:	CNNVD-201703-1094

LAST UPDATE DATE

2023-12-26T23:15:59.937000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05363	date:	2017-04-26T00:00:00
db:	VULMON	id:	CVE-2017-5622	date:	2019-10-03T00:00:00
db:	BID	id:	97092	date:	2017-03-29T00:02:00
db:	JVNDB	id:	JVNDB-2017-002681	date:	2017-04-25T00:00:00
db:	NVD	id:	CVE-2017-5622	date:	2019-10-03T00:03:26.223
db:	CNNVD	id:	CNNVD-201703-1094	date:	2019-10-23T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-05363	date:	2017-04-26T00:00:00
db:	VULMON	id:	CVE-2017-5622	date:	2017-03-26T00:00:00
db:	BID	id:	97092	date:	2017-02-09T00:00:00
db:	JVNDB	id:	JVNDB-2017-002681	date:	2017-04-25T00:00:00
db:	NVD	id:	CVE-2017-5622	date:	2017-03-26T20:59:00.160
db:	CNNVD	id:	CNNVD-201703-1094	date:	2017-03-28T00:00:00