A security researcher has discovered four vulnerabilities that affect all OnePlus handsets. The vulnerabilities have been discovered by Roee Hay of Aleph Research, HCL Technologies. One of the unpatched vulnerabilities allows Man-in-the-Middle (MitM) attack against OnePlus device users, allowing a remote attacker to downgrade the device’s operating system to an older version. The other two vulnerabilities also allow an MitM attacker to replace any version of OxygenOS with HydrogenOS, as well as to replace the operating system with a completely different malicious ROM loaded with spying apps.
Source: https://thehackernews.com/2017/05/oneplus-mobile-vulnerabilities.html