Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
OnePlus

OnePlus Vendor Cyber Rating & Cyber Score

oneplus.com

This is our story. It’s a story that starts with a group of innovators. Back in 2013, the smartphone industry was stagnating. We imagined a better kind of smartphone and a better way of doing things. Our goal was to build a smartphone we would want to use ourselves. What started as a passion project soon turned into a global community. Fueled by a groundswell of support, we sought to redefine the way Android smartphones were built. This is who we are. We are a community looking to deliver true flagship experiences with smooth performance, quality software, and expert craftsmanship. We focus on the things that matter most to us - design and user experience. Most importantly, we’re not just doing it for ourselves. Our mission is to share


OnePlus A.I CyberSecurity Scoring

OnePlus
Company Information
Website:https://http://oneplus.com
Employees number:3,223
Number of followers:438,267
NAICS:334
Industry Type:Computers and Electronics Manufacturing
Homepage:oneplus.com
OnePlus Risk Score (AI oriented)
Between 750 and 799
logo
OnePlusComputers and Electronics Manufacturing
Updated:
01/04/2026
767/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
OnePlus Global Score (TPRM)
xxxx
logo
OnePlusComputers and Electronics Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

OnePlus
OnePlusFair
Current Score
767Baa (FAIR)
01000
2 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
768Before Incident
JUNE 2026
768Before Incident
MAY 2026
767Before Incident
APRIL 2026
767Before Incident
MARCH 2026
767Before Incident
FEBRUARY 2026
767Before Incident
JANUARY 2026
767Before Incident
DECEMBER 2025
766Before Incident
NOVEMBER 2025
766Before Incident
OCTOBER 2025
766Before Incident
SEPTEMBER 2025
766Before Incident
AUGUST 2025
766Before Incident
JUNE 2022
756Before Incident
Vulnerability
16 Jun 2022OnePlus
OnePlus

Unpatched SMS Data Exposure Vulnerability in OnePlus OxygenOS (CVE-2025-10184)

752After Incident
CRITICAL-4
ONE0492404092425
A critical vulnerability (CVE-2025-10184) in OxygenOS (versions 12 to 15) on OnePlus devices exposes SMS data and metadata to any installed app without requiring permissions or user interaction. The flaw stems from OnePlus modifying Android’s default Telephony package, introducing unsecured content providers (`PushMessageProvider`, `PushShopProvider`, `ServiceNumberProvider`) that lack proper `READ_SMS` permission checks. Worse, unsanitized inputs enable blind SQL injection, allowing attackers to reconstruct SMS content character-by-character by exploiting database queries. While the `read` permission is correctly enforced, the absence of `write` permission restrictions lets malicious apps infer SMS data if prerequisites are met (e.g., non-empty tables or insert capabilities).The vulnerability, discovered by Rapid7 and left unpatched due to OnePlus’s non-response, affects multiple models (e.g., OnePlus 8T, 10 Pro) across all OxygenOS versions since 2022. Attackers could exploit this to bypass 2FA, intercept sensitive messages (e.g., OTPs, financial alerts), or exfiltrate private communications. OnePlus acknowledged the issue only after public disclosure, leaving users exposed until a fix is released. Mitigations include minimizing app installations, avoiding SMS-based 2FA, and using end-to-end encrypted messaging for sensitive data.
INCIDENT DETAILS -
TYPE
VulnerabilityData ExposurePrivilege EscalationSQL Injection
IMPACT
SMS DataSMS MetadataOnePlus Devices Running OxygenOS 12–15Brand Reputation Impact: Potential (Due to Unpatched Vulnerability and Public Disclosure)Identity Theft Risk: High (If SMS Contains Sensitive Authentication Codes or Personal Data)Payment Information Risk: High (If SMS Contains Payment-Related OTPs or Transactions)
DATA BREACH
SMS ContentSMS Metadata (e.g., Timestamps, Sender/Recipient Info)Sensitivity Of Data: High (Potential for Authentication Codes, Personal Messages, Financial Transactions)Data Exfiltration: Possible (Via Blind SQL Injection)SMS Database (SQLite)Personally Identifiable Information: Potential (If SMS Contains PII)
JANUARY 2018
775Before Incident
Breach
01 Jan 2018OnePlus
OnePlus

OnePlus Online Payment System Breach

720After Incident
CRITICAL-55
ONE436181223
OnePlus acknowledged that a security breach had compromised its online payment system. Numerous consumers of the Chinese smartphone maker reported experiencing fraudulent credit card transactions after making purchases via the company's online store. After multiple reports of fraudulent credit card transactions from consumers who made purchases on the company's official website, OnePlus has finally acknowledged that there was a breach in its online payment system. Attackers leveraged the script to capture credit card details as customers input them to make purchases on the website. From a customer's browser window, the script was utilised to extract all credit card information, including card numbers, expiration dates, and security codes.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Financial Gain
IMPACT
Credit Card NumbersExpiration DatesSecurity CodesOnline Payment System
DATA BREACH
Credit Card InformationSensitivity Of Data: High

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for OnePlus ?
?
What was OnePlus's A.I Rankiteo Cyber Score in June 2026 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in May 2026 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in April 2026 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in March 2026 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in February 2026 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in January 2026 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in December 2025 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in November 2025 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in October 2025 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in September 2025 ?
?
What was OnePlus's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on OnePlus's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with OnePlus ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view OnePlus's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?