OnePlus and other OEMs have left an app installed which offers backdoor root access

The OnePlus 5T
will be unveiled in just a couple of days, butOnePlus is now in the news for a new and dubious reason. A developer found an application
hidden on the OnePlus 5
which acts as a backdoor for root access, and the app is named ‘EngineerMode’.

Awesome! Thanks to @insitusec
and the @NowSecureMobile
team, we have the password! It’s now possible to root an @Oneplus
device with a simple intent pic.twitter.com/gN0awYijBv

— Elliot Alderson (@fs0c131y) November 13, 2017

The purpose of the application is to allow OnePlus the ability to check the device to ensure that everything is working properly. The app performs various automated tasks, can check root status of the device in question, can make sure that the GPS chip is working properly, and more. However, the story here is that there is an activity within the ‘EngineerMode’ application which can enable root access when launched.

Once that activity is launched, all users will need is a command in ADB and the proper password, and the developer has confirmed a new tool is on the way to provide a brand-new root tool. This will make for one of the easiest root methods ever, but OnePlus is already on the case and is looking into the situation.

As it turns out, the ‘EngineerMode’ application is one that is created byQualcomm, meaning that there is likely a chance that this application is available on more devices than just those offered by OnePlus. The developer stated that they now have the APK from the ASUS ZenFone,Xiaomi Redmi 3S, and a device running MIUI.

Thanks for the heads up, we’re looking into it.

— Carl Pei (@getpeid) November 13, 2017

OnePlus CEO Carl Pei replied to the developer
stating that the company is “looking into it”, so we’ll likely see a new update released which will remove this ‘EngineerMode’ application. Nonetheless, if you are more excited about seeing a new root method for the OnePlus lineup, let us know in the comments below. Otherwise, there isn’t much to worry about here, as long as you are careful about downloading non-verified applications that could access parts of your phone and get access to your information.

Let us know what you think about this latest security issue from OnePlus in the comments below.

Android Phone Fans稿源:Android Phone Fans (源链) | 关于 | 阅读提示

本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » 手机数码 » OnePlus and other OEMs have left an app installed which offers backdoor root access

喜欢 (0)or分享给?

专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录