OnePlus is working on another software update for the OnePlus 6.
This time, the upgrade won’t bring a slew of new features to the table, as was the case with earlier releases. It will instead focus on fixing a bug that leaves the bootloader, the software that loads the operating system (OS) when the handset is switched on, exposed to being modified without first having to be unlocked.
That’s frightening because it means that anyone with access to your device can instruct it to boot a different OS to which manufacturer OnePlus intended, which can be used to mine information as part of an elaborate phishing scam, and the lack of security protocols makes that viable for even the least savvy hackers.
Worst still, if someone who knows what they’re doing gets their hands on your phone, they can exploit the vulnerability to boot into to the standard OS and start having a gander at your files, even if you have a PIN or another method of authentication in place – meaning all the data on your handset is at risk.
Related: Best Smartphone
Aware the situation is serious, OnePlus announced that it’s working with the researcher who discovered the issue to ensure it’s fixed. There’s no word on when the patch will start making the rounds, but you can bet your bottom dollar it will be soon or OnePlus could find itself on the receiving end of a class action lawsuit.
We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly.
Have you, or someone you know, been affected by the bootloader vulnerability? Let us know on Facebook or Twitter @TrustedReviews.