Thanks To A Backdoor, Hackers May Get Root Access To OnePlus Phones


Phone maker OnePlus is shipping devices with a diagnostics app that allows root superuser access to the smartphone, potentially exposing sensitive user data.

OxygenOS 4.5.1 on the OnePlus 3 and version 4.5.14 on the OnePlus 5 come with the EngineerMode app installed. It is possible to exploit the app to gain root access to a device: all it takes is a simple command and a password that can be determined fairly easily. A developer has found that the application can be manipulated into granting backdoor root access.

Some digging into the deep system apps on OnePlus phones has exposed the vulnerability. Having root access essentially means the user has complete control over the device, including privileged control over features that would otherwise be locked. OnePlus co-founder Carl Pei tweeted that the company will look into the claims made by the developer. However, the app can be exploited to enable backdoor rooting.

The developer was able to find a system app named EngineerMode that is actually a Qualcomm factory app with the ability to toggle components such as the charging chip, GPS, NFC and others. Because this app shouldn't be included in consumer-side ROMs, it's an app that malicious actors will want to crack into. Of course, expecting the developers to unlock the bootloader for each device during its testing phases would be ridiculous, but the app's inclusion does pose security risks for everyday users.

In a statement to Android Authority, OnePlus said, "We securely transmit analytics in two different streams over HTTPS to an Amazon server." If the issue is as widespread as it appears to be, there's a good chance you'll see a software update removing EngineerMode.