• Home
  • cyber
  • Qualcomm and Google: Android Update Patches Exploited Qualcomm Zero-Day
cyber Vulnerability

Qualcomm and Google: Android Update Patches Exploited Qualcomm Zero-Day

Mar 2, 2026 2 min read
Qualcomm and Google: Android Update Patches Exploited Qualcomm Zero-Day

Google Patches 130 Android Vulnerabilities, Including Exploited Zero-Day

Google released its March 2026 Android security updates, addressing nearly 130 vulnerabilities one of which is an actively exploited zero-day. The flaw, tracked as CVE-2026-21385 (CVSS 7.8), affects the graphics component in over 200 Qualcomm chipsets, stemming from an integer overflow issue that could lead to memory corruption during memory allocation.

Exploitation of the bug could allow attackers to bypass security controls and gain unauthorized system access, according to Jamf’s Adam Boynton. Qualcomm first received the report from Google’s Android Security team on December 18, 2025, notified customers on February 2, and publicly disclosed the vulnerability on March 3, 2026. Google’s security bulletin confirms limited, targeted exploitation in the wild, though no attack details were provided. Such vulnerabilities are frequently leveraged by commercial spyware vendors.

The fixes are split across two patch levels:

  • 2026-03-01: Addresses over 50 vulnerabilities in the Framework and System components, including critical remote code execution (RCE) and denial-of-service (DoS) flaws. The most severe a System component bug could enable RCE without user interaction or additional privileges.
  • 2026-03-05: Resolves 60+ vulnerabilities in kernel, Arm, Imagination Technologies, MediaTek, Unisoc, and Qualcomm components, including CVE-2026-21385.

Devices updated to 2026-03-05 or later are protected against all patched issues. Google also released fixes for two Wear OS vulnerabilities in its Framework and System components, incorporating all March Android security patches. No platform-specific updates were issued for Android Automotive OS or Android XR this month.

Source: https://www.securityweek.com/android-update-patches-exploited-qualcomm-zero-day/

Qualcomm cybersecurity rating report: https://www.rankiteo.com/company/qualcomm

Android cybersecurity rating report: https://www.rankiteo.com/company/android_by_google

"id": "QUAAND1772563499",
"linkid": "qualcomm, android_by_google",
"type": "Vulnerability",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Android users with Qualcomm '
                                              'chipsets',
                        'industry': 'Software/Technology',
                        'location': 'Global',
                        'name': 'Google',
                        'type': 'Technology Company'},
                       {'customers_affected': 'Manufacturers using Qualcomm '
                                              'chipsets',
                        'industry': 'Semiconductors',
                        'location': 'Global',
                        'name': 'Qualcomm',
                        'type': 'Semiconductor Company'}],
 'attack_vector': 'Memory corruption via integer overflow',
 'customer_advisories': 'Android users advised to update devices to the latest '
                        'security patch level.',
 'date_detected': '2025-12-18',
 'date_publicly_disclosed': '2026-03-03',
 'date_resolved': '2026-03-05',
 'description': 'Google released its March 2026 Android security updates, '
                'addressing nearly 130 vulnerabilities, one of which is an '
                'actively exploited zero-day (CVE-2026-21385). The flaw '
                'affects the graphics component in over 200 Qualcomm chipsets, '
                'stemming from an integer overflow issue that could lead to '
                'memory corruption during memory allocation. Exploitation '
                'could allow attackers to bypass security controls and gain '
                'unauthorized system access.',
 'impact': {'operational_impact': 'Unauthorized system access, potential '
                                  'remote code execution',
            'systems_affected': 'Android devices with Qualcomm chipsets'},
 'investigation_status': 'Resolved',
 'post_incident_analysis': {'corrective_actions': 'Patches released for '
                                                  'affected components; public '
                                                  'disclosure and advisory '
                                                  'issued.',
                            'root_causes': 'Integer overflow in Qualcomm '
                                           'graphics component leading to '
                                           'memory corruption'},
 'recommendations': 'Update Android devices to patch levels 2026-03-05 or '
                    'later to mitigate all vulnerabilities.',
 'references': [{'source': 'Google Security Bulletin'},
                {'source': 'Jamf (Adam Boynton)'}],
 'response': {'communication_strategy': "Public disclosure via Google's "
                                        'security bulletin',
              'containment_measures': 'Security patches released for Android '
                                      'Framework, System, kernel, and Qualcomm '
                                      'components',
              'remediation_measures': 'Patches applied via Android security '
                                      'updates (2026-03-01 and 2026-03-05)'},
 'threat_actor': 'Commercial spyware vendors',
 'title': 'Google Patches 130 Android Vulnerabilities, Including Exploited '
          'Zero-Day',
 'type': 'Zero-Day Vulnerability',
 'vulnerability_exploited': 'CVE-2026-21385'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.