OnePlus phones running Android 12 or later could all be vulnerable to an OxygenOS security flaw that allows apps to access SMS and MMS data.
The majority of OnePlus phones in use today may be vulnerable to a security flaw that leaves SMS and MMS data exposed, and it won’t be patched until mid-October. Only OnePlus phones still running 2020’s OxygenOS 11 or earlier are believed to be safe from the flaw.
Security company Rapid7 was first to discover the vulnerability, which relates to changes OnePlus made to the Telephony service within Android. The long and short of it is that it would allow installed apps to access SMS data “without permission, user interaction, or consent.” The company found the flaw on devices running OxygenOS 12, 14, and 15, though reported that the older OxygenOS 11, based on Android 11, is not vulnerable. While Rapid7 only tested two types of hardware — the OnePlus 8T and 10 Pro 5G — it says the flaw “affects a core component of Android,” and so is unlikely to be hardware-specific. OnePlus has admitted to the issue, but in a statement given to 9to5Google by an unnamed spokesperson it says a fix won’t arrive until mid-October at the earliest. >We acknowledge the recent disclosure of CVE-2025-10184 and have implemented a fix. This will be rolled out globally via software update starting from mid-October. OnePlus remains committed to protecting customer data and will continue to prioritize security improvements. Rapid7 announced the discovery on its blog on Monday this week, but OnePlus didn’t respond until Wednesday. Rapid7 says it tried and failed to contact OnePlus privately to discuss the problem, and only turned to a public disclosure after also ruling out the company’s bug bounty program because of its “restrictive Non Disclosure Agreement.” Until the flaw is patched, Rapid7 recommends that OnePlus device owners should only install apps from trusted sources, uninstall any unnecessary ones, switch to encrypted messaging apps, and use authenticator apps rather than SMS-based two-factor authentication.
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
How To Control An Android Phone With Your PCBriley Kenney has written about technology and consumer electronics for nearly two decades. Starting in the days of yore, covering Blackberry, he has a vast array of bylines.
Read more »
Limited-time deal makes the OnePlus Buds Pro 2 a sub-$80 bargainPreslav Mladenov is a News and Affiliate Content Writer at PhoneArena who started on his tech journalism journey in December 2021.
Read more »
OnePlus 13 plus one equals the OnePlus 15OnePlus has announced that its next flagship, the OnePlus 15, will come with a Snapdragon 8 Elite Gen 5 chipset.
Read more »
OnePlus’ Next Flagship Smartphone Ditches Hasselblad’s CamerasThe OnePlus 15 flagship phone arrives soon and will mark the end of OnePlus' five-year partnership with Hasselblad.
Read more »
Has OnePlus really ended its Hasselblad partnership, or is it just rebranded: DetailMax Engine presentedSebastian, a veteran of a tech writer with over 15 years of experience in media and marketing, blends his lifelong fascination with writing and technology to provide valuable insights into the realm of mobile devices.
Read more »
OnePlus Moves On: DetailMax Engine Replaces Hasselblad PartnershipOnePlus ends its five-year collaboration with Hasselblad, introducing the DetailMax Engine. The new in-house imaging system focuses on realism and superior image quality, raising questions about the future of OnePlus cameras.
Read more »