OnePlus Nord 2 has a vulnerability that allows root access via USB

The OnePlus Nord 2, which was released earlier this year, has a vulnerability in its recovery environment. If you open a remote shell in that environment, you will see that there are no blocks to gain root access to the device via USB.

Normally, an Android device must give permission before certain commands are given to the device via USB and a remote shell. To do this, one has to navigate into the settings, enable the developer options, enable debugging over usb and allow the connected computer to issue adb commands.

What happened according to XDA is that OnePlus did not enable this condition as a parameter in the final release build of the operating system. As a result, according to the site, recovery mode makes it possible to copy the phone’s encrypted or unencrypted storage partitions, push executables to /data/local/tmp for execution, and modify system properties with the setprop utility. If an attacker has gained root access in the recovery, he can subsequently also execute adb commands in the regular Android system. XDA explains the relatively simple steps in its publication.

XDA states that it has been possible to exploit the vulnerability on the European and Indian firmware of the OnePlus Nord 2. There are no other variants of the Nord 2, which means that every Nord 2 has this vulnerability.

OnePlus has also commented on the matter to XDA. “We take privacy and security very seriously. We are prioritizing this issue and will share more information as soon as we have it,” said a representative of the Chinese phone maker.