A critical security vulnerability has been discovered in OPPO’s Clone Phone feature that could expose sensitive user data through inadequately secured WiFi hotspots. The vulnerability, designated CVE-2025-27387, affects ColorOS 15.0.2 and earlier versions and presents a high-severity risk. It stems from weak WPA passphrase protection on the WiFi hotspots used for file transfers. The flaw allows nearby attackers to intercept personal data such as contacts, messages, and photos without requiring special access, putting millions of OPPO device users at risk of data exposure.
Source: https://cybersecuritynews.com/oppo-clone-phone-weak-wifi-hotspot/
TPRM report: https://scoringcyber.rankiteo.com/company/oppo
{
  "id": "opp603062425",
  "linkid": "oppo",
  "type": "Vulnerability",
  "date": "6/2025",
  "severity": "25",
  "impact": "1",
  "explanation": "Attack without any consequences"
}
{'affected_entities': [{'customers_affected': 'Millions of OPPO device users',
                        'industry': 'Technology',
                        'name': 'OPPO',
                        'type': 'Manufacturer'}],
 'attack_vector': 'Adjacent network access',
 'data_breach': {'data_encryption': 'Weak',
                 'file_types_exposed': ['contacts',
                                        'messages',
                                        'photos',
                                        'application data'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['contacts',
                                              'messages',
                                              'photos',
                                              'application data']},
 'date_detected': 'May 2025',
 'date_publicly_disclosed': 'Undisclosed',
 'description': 'A critical security vulnerability has been discovered in '
                'OPPO’s Clone Phone feature that could expose sensitive user '
                'data through inadequately secured WiFi hotspots.',
 'impact': {'data_compromised': ['contacts',
                                 'messages',
                                 'photos',
                                 'application data'],
            'systems_affected': ['ColorOS 15.0.2 and earlier versions']},
 'initial_access_broker': {'entry_point': 'WiFi hotspot'},
 'motivation': 'Unauthorized information disclosure',
 'post_incident_analysis': {'root_causes': 'Weak WPA passphrases'},
 'recommendations': ['Avoid using Clone Phone functionality in untrusted '
                     'environments',
                     'Monitor official OPPO security bulletins for firmware '
                     'updates',
                     'Consider alternative secure file transfer methods'],
 'references': [{'source': 'GitHub Advisory Database'}],
 'response': {'remediation_measures': ['Avoid using Clone Phone functionality '
                                       'in untrusted environments',
                                       'Monitor official OPPO security '
                                       'bulletins for firmware updates',
                                       'Consider alternative secure file '
                                       'transfer methods']},
 'title': 'OPPO Clone Phone Vulnerability Exposes Sensitive User Data',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2025-27387'}