Qualcomm is finally used Adreno GPU Zero-Day errors that are used in Android attacks
- Advertisement -
Related Posts
- Advertisement -
- Qualcomm has abused three zero-days since January 2025
- The patches must now be applied by OEMs
- No details about the wild abuse, but users still have to be wary
Qualcomm finally patted three Adreno GPU Zero-Day vulnerabilities that were abused in the wild.
According to the Android security bulletin of June 2025, the chip maker has now established CVE-2025-21479, CVE-2025-21480 and CVE-2025-27038.
The first two are incorrect authorization errors in the graphic component. They received a serious score of 8.6/10 (high) and could activate memory corruption. They were first observed in January 2025. The third bug is a user -free vulnerability in the graphic component that also leads to memory corruption. This received a lower Ernstcore – 7.5/10.
Payment information Intact
“There are indications of the Google Threat Analysis Group die CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 possible under limited, targeted exploitation,” Qualcomm, “Qualcomm,” Qualcomm, “Qualcomm,” explained.
“Patches for the problems that influence the Driver of the Adreno Graphics Processing Unit (GPU) were made available in May to OEMs together with a strong recommendation to implement the update on affected devices as quickly as possible.”
Now it is up to different manufacturers of devices, such as SamsungGoogle OnePlus or Xiaomi to apply these patches in their products.
The affected devices include a wide range of Qualcomm chipsets, including flagship models such as the Snapdragon 8 Gen 2 and Gen 3, as well as midrange and budget platforms such as the Snapdragon 695, 778G and 4 Gen 1/2.
There are currently no details about whom these defects have abused, against whom and to what end, but comparable vulnerabilities were seen in the past in Spyware campaigns such as Variston and Cy4Gate.
A separate Qualcomm bug (CVE-2024-43047) was used in December 2024 by the Serbian Secret Service Agency, BIA, to unlock Android Devices confiscated from journalists, activists and demonstrators, claims the same source.
Maybe you like it too
- Advertisement -
