OnePlus A.I CyberSecurity Scoring
OnePlus
Company Information
Website:https://http://oneplus.com
Employees number:3,223
Number of followers:438,267
NAICS:334
Industry Type:Computers and Electronics Manufacturing
Homepage:oneplus.com
OnePlus Risk Score (AI oriented)
Between 750 and 799
OnePlusComputers and Electronics Manufacturing
Updated:
01/04/2026
01/04/2026
767/1000
Fair
Baa
OnePlus Global Score (TPRM)
xxxx
OnePlusComputers and Electronics Manufacturing
Score locked

OnePlusFair
Current Score
767Baa (FAIR)
01000
2 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
768
JUNE 2026
768
MAY 2026
767
APRIL 2026
767
MARCH 2026
767
FEBRUARY 2026
767
JANUARY 2026
767
DECEMBER 2025
766
NOVEMBER 2025
766
OCTOBER 2025
766
SEPTEMBER 2025
766
AUGUST 2025
766
JUNE 2022
756
Vulnerability
16 Jun 2022 • OnePlus
OnePlus
Unpatched SMS Data Exposure Vulnerability in OnePlus OxygenOS (CVE-2025-10184)
752
CRITICAL-4
ONE0492404092425
A critical vulnerability (CVE-2025-10184) in OxygenOS (versions 12 to 15) on OnePlus devices exposes SMS data and metadata to any installed app without requiring permissions or user interaction. The flaw stems from OnePlus modifying Android’s default Telephony package, introducing unsecured content providers (`PushMessageProvider`, `PushShopProvider`, `ServiceNumberProvider`) that lack proper `READ_SMS` permission checks. Worse, unsanitized inputs enable blind SQL injection, allowing attackers to reconstruct SMS content character-by-character by exploiting database queries. While the `read` permission is correctly enforced, the absence of `write` permission restrictions lets malicious apps infer SMS data if prerequisites are met (e.g., non-empty tables or insert capabilities).The vulnerability, discovered by Rapid7 and left unpatched due to OnePlus’s non-response, affects multiple models (e.g., OnePlus 8T, 10 Pro) across all OxygenOS versions since 2022. Attackers could exploit this to bypass 2FA, intercept sensitive messages (e.g., OTPs, financial alerts), or exfiltrate private communications. OnePlus acknowledged the issue only after public disclosure, leaving users exposed until a fix is released. Mitigations include minimizing app installations, avoiding SMS-based 2FA, and using end-to-end encrypted messaging for sensitive data.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2018
775
Breach
01 Jan 2018 • OnePlus
OnePlus
OnePlus Online Payment System Breach
720
CRITICAL-55
ONE436181223
OnePlus acknowledged that a security breach had compromised its online payment system. Numerous consumers of the Chinese smartphone maker reported experiencing fraudulent credit card transactions after making purchases via the company's online store.
After multiple reports of fraudulent credit card transactions from consumers who made purchases on the company's official website, OnePlus has finally acknowledged that there was a breach in its online payment system.
Attackers leveraged the script to capture credit card details as customers input them to make purchases on the website.
From a customer's browser window, the script was utilised to extract all credit card information, including card numbers, expiration dates, and security codes.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for OnePlus ??
What was OnePlus's A.I Rankiteo Cyber Score in June 2026 ??
What was OnePlus's A.I Rankiteo Cyber Score in May 2026 ??
What was OnePlus's A.I Rankiteo Cyber Score in April 2026 ??
What was OnePlus's A.I Rankiteo Cyber Score in March 2026 ??
What was OnePlus's A.I Rankiteo Cyber Score in February 2026 ??
What was OnePlus's A.I Rankiteo Cyber Score in January 2026 ??
What was OnePlus's A.I Rankiteo Cyber Score in December 2025 ??
What was OnePlus's A.I Rankiteo Cyber Score in November 2025 ??
What was OnePlus's A.I Rankiteo Cyber Score in October 2025 ??
What was OnePlus's A.I Rankiteo Cyber Score in September 2025 ??
What was OnePlus's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on OnePlus's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with OnePlus ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view OnePlus's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?