PT-2018-8289 · Google · Android Bootloader
Roee Hay
Published: 2018-03-29
Updated: 2021-08-12
CVE-2017-5947
CVSS v3.1: 6.8 (Medium)
Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
OnePlus devices running OxygenOS 5.0 and earlier
Description
An issue allows an attacker to reboot the device into Qualcomm Emergency Download (EDL) mode, potentially enabling the downgrade of partitions such as the Android Bootloader. The reboot can be triggered through ADB or by using the Volume-Up button while the device is connected to USB.
Recommendations
For OxygenOS 5.0 and earlier, consider restricting access to ADB and physical interaction with the device, such as use of the Volume-Up button while it is connected to USB, until a patch is available. As a temporary workaround, restrict physical access to the device to minimize the risk of exploitation.
Fix
Related identifiers
Affected products
Android Bootloader
OxygenOS
Qualcomm Emergency Download (EDL) Mode