Chinese smartphone manufacturer OnePlus and some of its latest devices are again making news for the wrong reasons. After allegations of leaking users' key device information without their permission, the concern this time is around a flaw in the operating system used in flagships OnePlus 3, OnePlus 3T and OnePlus 5. According to reports, this flaw gives backdoor root access to third-party apps. Mainly on account of EngineerMode APK, which comes pre-installed in these devices, the devices coould potentially give root access to third-party apps without unlocking the phone bootloader.
The EngineerMode APK flaw came to light after a Twitter user Elliot Alderson flagged the concern that the app acted as a backdoor, giving third-party apps a potential root access without unlocking the bootloader. According to Alderson’s tweet, the EngineerMode app is developed by Qualcomm for original equipment makers (OEMs) to test hardware components or diagnostic tests on devices. However, it has the potential of enabling backdoor rooting which can be exploited.
<Thread> Hey @OnePlus! I don't think this EngineerMode APK must be in an user build...— Elliot Alderson (@fs0c131y) November 13, 2017
This app is a system app made by @Qualcomm and customised by @OnePlus. It's used by the operator in the factory to test the devices. pic.twitter.com/lCV5euYiO6
Anderson also explained how one could check the device to know if one's smartphone had the EngineerMode app pre-installed. Here are the steps:
If you have an OnePlus device, I'm pretty sure you have this app pre-installed. To check open Settings -> Apps -> Menu -> Show system apps and search EngineerMode in the app list to check— Elliot Alderson (@fs0c131y) November 13, 2017
Soon after, OnePlus co-founder Carl Pei acknowledged the issue and tweeted that the company was looking into the matter. Later, the company confirmed the existence of such an app but denied the role of the app as a potential threat that could provide root access to third-party apps.
According to the company's blogpost, the app cannot grant root access to any app unless the USB debugging mode is turned on. It claims the mode is turned off by default, so the apps cannot gain complete root access without unlocking bootloader.
“The EngineerMode app is a diagnostic tool mainly used for the factory production line functionality testing and after-sales support. We’ve seen several statements by community developers that are worried because this apk grants root privileges. While, it can enable adb root, which provides privileges for adb commands, it will not let 3rd-party apps access full root privileges,” read the blogpost.
The company confirms that the “adb root function from EngineerMode will be removed in an upcoming OTA,” as users still have concerns.
Recently, OnePlus was accused of compromising users’ confidential device data by collecting personal information of users without their permission. The company had later issued a blogpost confirming that OnePlus would scale back on data collection on its devices.