Highlights
- What is the OnePlus SMS vulnerability? — A flaw in OxygenOS 12, 14, and 15 that may allow unauthorised apps to access SMS and MMS data without user permission.
- Which devices are affected? — OnePlus 8T, OnePlus 10 Pro 5G and other models tested on the latest OxygenOS builds.
- What should users do? — Avoid granting SMS permissions to unknown apps and wait for OnePlus to release a security update.
OnePlus smartphone SMS vulnerability in OxygenOS 12, 14, 15 explained
OnePlus smartphone users who rely on Android for daily communication need to be alert. A recently reported SMS vulnerability has been confirmed in devices running OxygenOS 12, 14 and 15. The issue allows unauthorised access to SMS and MMS data, raising concerns for security and privacy.
About the issue
The flaw is linked to the way internal content providers are handled within OxygenOS. Cybersecurity analysts have pointed out that malicious apps may bypass SMS permissions, giving them the ability to silently read and extract text messages without the user’s knowledge. This can weaken the protection offered by SMS-based two-factor authentication, widely used for banking, email and social media accounts.
Affected OnePlus smartphones
Tests have confirmed that multiple OnePlus smartphones are vulnerable, including older and recent flagship models. Devices like the OnePlus 8T and OnePlus 10 Pro 5G running OxygenOS builds 12, 14 and 15 have been flagged. The security concern is not limited to hardware, but rather to software-level issues in OxygenOS builds.
Features and specifications under spotlight
OnePlus smartphones are known for balancing design, specifications, and performance. However, the SMS vulnerability shows that even feature-rich Android smartphones can face risks if security updates are not timely. Users are advised to keep their devices updated with the latest security patches once released.
Price and market impact
While the vulnerability does not directly affect the price of OnePlus devices, it could influence user trust in the brand. For those considering a new Android smartphone, this highlights the importance of checking security advisories alongside features and design before purchase.
Reviews and reactions
Initial reactions from the tech community suggest that OnePlus needs to respond quickly with a security patch. Experts recommend users avoid installing unverified apps that request message permissions until an official fix is available. Many loyal users continue to value the design and performance of OnePlus devices but are now more cautious about security aspects.
Release timeline and updates
The vulnerability was introduced with OxygenOS 12 and carried forward into later builds. Security firms have rated the impact as high, meaning that prompt action is necessary. Users can expect OnePlus to issue an update soon, though an official release date has not yet been confirmed.
Disclaimer
This article is for informational purposes only. It does not serve as a direct advisory from OnePlus. Users are encouraged to follow official OnePlus channels for updates and apply security patches as soon as they are rolled out.
