Vulnerabilities > Oneplus > Oneplus 3 > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-03-12 CVE-2017-5624 Improper Privilege Management vulnerability in Oneplus Oxygenos
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T.
network
low complexity
oneplus CWE-269
critical
10.0
2017-03-12 CVE-2017-5626 Unspecified vulnerability in Oneplus Oxygenos
OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset.
network
low complexity
oneplus
critical
10.0
2017-01-23 CVE-2017-5554 Improper Authentication vulnerability in Oneplus Oxygenos
An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2.
network
oneplus CWE-287
critical
9.3