EngineerMode apk is pre-installed in OxygenOS operating system. EngineerMode is a testing tool which is for diagnostics and mainly used for functionality testing and after sales support. A recent finding by a freelance security researcher Robert Baptiste who is known by the name Elliot Anderson on Twitter has revealed that the EngineerMode software function can act as backdoor for hackers.
According to Baptiste EngineerMode can allow hackers to get unrestricted privileges on the device. OnePlus root access can be achieved by a simple command. Baptiste on his twitter mentioned that “It’s quite severe”. As we all know that once root access is achieved it can be used to install malware on a victims phone. There is no way for the user to even notice the presence of a malware because it can easily be hidden in system files.
OnePlus has immediately responded to this and disagreed with Baptiste’s statement. According to OmegaHsu who is OnePlus Staff Member stated that ” EngineerMode is a diagnostic tool mainly used for factory production line functionality testing and after sales support”.
According to OnePlus although the apk can grant root privileges for adb commands but EngineerMode does not allow 3rd party apps access full root privileges. As we all know that in order to root access still requires physical access of a victim’s device which is a rare case. If you are still concerned with the security issue you are advised to turn off USB debugging this will keep your devices safe.
Although OnePlus does not find it a security issue but due to user concerns OnePlus will remove adb root function from EngineerMode through OTA. OnePlus need to pay much attention to overall user security as the company has already been allegedly found to be collecting user data without user consent.