OnePlus accused of leaving a backdoor to give root access

OnePlus Left Behind a Testing App on Its Devices With Backdoor to Root Access Report


They found that the application - used for factory testing - could be easily used to gain root access to phones.

The app is called EngineerMode and it is preinstalled on the OnePlus 3, 3T and 5.

You can also check if this application is installed on your OnePlus device or not.
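One way to run that check from a workstation over ADB is sketched below. This is an added example, not part of the original report. The article names the app (EngineerMode) but not its package ID, so `com.example.factorytest` and the other sample lines are constructed placeholders.

```shell
#!/bin/sh
# classify_pkg PKG ALL_TEXT DISABLED_TEXT
#   ALL_TEXT      = output of: adb shell pm list packages -f
#   DISABLED_TEXT = output of: adb shell pm list packages -d
# Prints "absent", or "<preinstalled|user-installed> <enabled|disabled>".
classify_pkg() {
    pkg=$1
    # Lines look like  package:<apk path>=<package id>.  APK paths on newer
    # Android builds can contain '=', so split on the LAST '=' and compare
    # the package id exactly (no prefix matches).
    path=$(printf '%s\n' "$2" | tr -d '\r' | awk -v p="$pkg" '
        /^package:/ {
            i = length($0)
            while (i > 0 && substr($0, i, 1) != "=") i--
            if (i > 0 && substr($0, i + 1) == p) {
                print substr($0, 9, i - 9)   # text between "package:" and "="
                exit
            }
        }')
    if [ -z "$path" ]; then
        echo "absent"
        return 0
    fi
    # An APK on a read-only partition shipped with the firmware image.
    case $path in
        /system/*|/vendor/*|/product/*) origin=preinstalled ;;
        *) origin=user-installed ;;
    esac
    if printf '%s\n' "$3" | tr -d '\r' | grep -qxF "package:$pkg"; then
        state=disabled
    else
        state=enabled
    fi
    echo "$origin $state"
}

# Constructed sample output (placeholder package names, not real device data).
SAMPLE_ALL='package:/system/app/FactoryTest/FactoryTest.apk=com.example.factorytest
package:/data/app/~~Qx1==/com.example.notes-9a==/base.apk=com.example.notes
package:/system/priv-app/Dialer/Dialer.apk=com.example.dialer'
SAMPLE_DISABLED='package:com.example.dialer'

classify_pkg com.example.factorytest "$SAMPLE_ALL" "$SAMPLE_DISABLED"
```

Against a connected device, pass `"$(adb shell pm list packages -f)"` and `"$(adb shell pm list packages -d)"` as the second and third arguments.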

On the one hand, it does mean that it will be dead simple to root those three OnePlus phones without even having to unlock the bootloader.

As a diagnostic app, EngineerMode has a few tricks to gain entry into parts of the file system and OS functionality unavailable to most apps. There's an activity, dubbed "DiagEnabled", associated with this app, which, if launched with the correct password, will give you root access.

If you have a OnePlus phone, you may be interested - and a little disturbed - to learn that the company is preinstalling an app that acts as a backdoor to root access. With the help of a few cybersecurity experts, the required password was discovered, making rooting a OnePlus phone as easy as running a few commands.

A malicious app or malware that is built around this loophole would potentially be able to target OnePlus devices and wreak havoc. While it's likely not possible for any random app to obtain root with this method, as the commands can only be run through ADB, this could be used in conjunction with another vulnerability to cause harm.

In a statement to Android Authority, OnePlus said, "We securely transmit analytics in two different streams over HTTPS to an Amazon server." Hopefully OnePlus will remove the application from its devices with an update, all the way back to the OnePlus One.