Vulnerability cyber

Qualcomm

Aug 10, 2024 1 min read
Qualcomm

Qualcomm faced significant vulnerabilities within their Adreno GPU used in Android devices. Discovered by Google’s Android Red Team, these vulnerabilities could lead to full device control if exploited. Attackers could bypass application restrictions, accessing GPU drivers with deep kernel privileges. Although Qualcomm released patches to OEMs, the diffuse Android ecosystem could slow mitigation. This emphasizes GPUs as emerging security focal points, with their ubiquitous role in daily mobile device operations exposing them to potential widespread impact if leveraged by attackers.

Source: https://www.wired.com/story/google-android-red-team-qualcomm-gpu-flaws/

TPRM report: https://scoringcyber.rankiteo.com/company/qualcomm

"id": "qua000081024",
"linkid": "qualcomm",
"type": "Vulnerability",
"date": "8/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': 'Android Device Users',
                        'industry': 'Semiconductor',
                        'name': 'Qualcomm',
                        'type': 'Technology Company'}],
 'attack_vector': 'GPU Driver Exploitation',
 'description': 'Qualcomm faced significant vulnerabilities within their '
                'Adreno GPU used in Android devices. Discovered by Google’s '
                'Android Red Team, these vulnerabilities could lead to full '
                'device control if exploited. Attackers could bypass '
                'application restrictions, accessing GPU drivers with deep '
                'kernel privileges. Although Qualcomm released patches to '
                'OEMs, the diffuse Android ecosystem could slow mitigation. '
                'This emphasizes GPUs as emerging security focal points, with '
                'their ubiquitous role in daily mobile device operations '
                'exposing them to potential widespread impact if leveraged by '
                'attackers.',
 'impact': {'systems_affected': 'Android Devices'},
 'lessons_learned': 'GPUs are emerging security focal points due to their '
                    'ubiquitous role in mobile devices.',
 'motivation': 'Full Device Control',
 'response': {'containment_measures': 'Patches Released to OEMs'},
 'title': 'Qualcomm Adreno GPU Vulnerabilities',
 'type': 'Vulnerability',
 'vulnerability_exploited': 'Adreno GPU Driver Vulnerabilities'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

Zimbra

public 1 min read
A critical security vulnerability (CVE-2025-27915) has been discovered in Zimbra Classic Web Client, allowing attackers to execute arbitrary JavaScript code…
Jeremy C Jeremy C
Vulnerability cyber

Xiaomi

public 1 min read
A severe security vulnerability has been discovered in Xiaomi’s interoperability application, potentially exposing millions of users to unauthorized device…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.