Friday, 17 Jul 2026
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA
logo logo
  • World
  • Politics
  • Crime
  • Economy
  • Tech & Science
  • Sports
  • Entertainment
  • More
    • Education
    • Celebrities
    • Culture and Arts
    • Environment
    • Health and Wellness
    • Lifestyle
  • 🔥
  • Trump
  • House
  • White
  • ScienceAlert
  • VIDEO
  • man
  • Trumps
  • Season
  • star
  • Years
Font ResizerAa
American FocusAmerican Focus
Search
  • World
  • Politics
  • Crime
  • Economy
  • Tech & Science
  • Sports
  • Entertainment
  • More
    • Education
    • Celebrities
    • Culture and Arts
    • Environment
    • Health and Wellness
    • Lifestyle
Follow US
© 2024 americanfocus.online – All Rights Reserved.
American Focus > Blog > Tech and Science > Qualcomm Chip Vulnerability Leaves Android Phones at Risk
Tech and Science

Qualcomm Chip Vulnerability Leaves Android Phones at Risk

Last updated: April 27, 2026 8:40 pm
Share
Qualcomm Chip Vulnerability Leaves Android Phones at Risk
SHARE

Summary created by Smart Answers AI

In summary:

  • Tech Advisor reports that Kaspersky discovered a critical hardware vulnerability (CVE-2026-25262) in older Qualcomm chipsets from 2014-2019, affecting devices like Samsung Galaxy S10 5G and Google Pixel 2.
  • Attackers with physical access can exploit the Sahara protocol flaw to bypass security measures and embed malware deeply into affected Android devices.
  • Users should upgrade to newer devices since these older chipsets no longer receive security updates, leaving millions of phones permanently vulnerable.

A recently identified security flaw in Qualcomm processors widely used in Android devices poses a significant risk. Security experts caution that, in the most severe cases, attackers might gain full control over the affected devices, accessing sensitive information.

Vulnerability lies deep within the system

The Kaspersky ICS CERT analysis reveals that the vulnerability exists in the BootROM of specific Qualcomm chips.

This firmware, embedded in the hardware, operates before the operating system loads, making the vulnerability particularly severe.

Registered as CVE-2026-25262, Kaspersky informed Qualcomm about the issue in March 2025, and Qualcomm confirmed it in April 2025.

The affected Qualcomm chips include:

  • MDM9x07
  • MDM9x45
  • MDM9x65
  • MSM8909
  • MSM8916
  • MSM8952
  • SDX50

Additional chips might also be vulnerable.

Affected devices (and possible good news)

Fortunately, these chipsets, released between 2014-2019, are found in older and more affordable devices, as well as flagship phones from several years ago.

Recent models containing these chipsets include the Samsung Galaxy S10 5G, LG V50 ThinQ 5G, OnePlus 7 Pro 5G, and Xiaomi Mi Mix 3 5G.

Foundry

See also  Heart failure risk becomes easier to estimate with new model

Other devices include, but are not limited to, some models of Galaxy S7 and S8, Google Pixel 2/2XL, LG G5, HTC One A9, Motorola Moto G4/G4 Plus, and Honor 4A.

These devices are considered obsolete and no longer receive software support, including security patches. Thus, users should upgrade to more current devices.

Attacks possible even before booting

The focus of the investigation is the Sahara protocol, which engages when devices switch to Emergency Download Mode (EDL), a maintenance mode. In this state, a computer can transfer software to the device before the operating system starts.

According to Kaspersky, attackers with physical access can bypass security mechanisms, including the Secure Boot Chain, allowing them to embed malware deep within the system, such as backdoors.

Kaspersky offers further technical insights in its analysis of the vulnerability in Qualcomm chips.

Access to data, camera and microphone

If compromised, the potential consequences are extensive. Attackers could:

  • Access stored files and contacts
  • Read passwords and location data
  • Activate the camera and microphone
  • Take complete control of the device

Security experts note that such attacks can affect not only individual users but also devices during transport or repairs, potentially compromising the supply chain.

Restarting is not a reliable solution

A simple restart might not resolve the issue, as Kaspersky indicates that malware can be deeply embedded within the system, making it difficult to detect or remove.

Moreover, compromised devices could simulate a reboot. A complete reset is only secure if the power supply is entirely cut off, for example, by fully discharging the battery.

See also  Former Bolt CEO Maju Kuruvilla's startup triples to $100M valuation

What you should bear in mind now

Although an attack requires physical access, the risk should not be underestimated. Kaspersky advises the following precautions:

  • Use only reputable repair shops for device maintenance.
  • Avoid leaving your smartphone or tablet unattended whenever possible.
  • Monitor access to your devices, especially during transport or handover.
  • If you suspect a problem, turn off the device completely and allow the battery to fully discharge.

This article originally appeared on our sister publication PC-WELT and was translated and adapted from German.

Contents
Vulnerability lies deep within the systemAffected devices (and possible good news)Attacks possible even before bootingAccess to data, camera and microphoneRestarting is not a reliable solutionWhat you should bear in mind now

TAGGED:AndroidchipLeavesphonesQualcommRiskVulnerability
Share This Article
Twitter Email Copy Link Print
Previous Article The Streets Were Right All Along The Streets Were Right All Along
Next Article Free Summer Reading Log Bundle Free Summer Reading Log Bundle

Popular Posts

May 20, United States detonates first hydrogen bomb

Today is Tuesday, May 20, the 140th day of 2025. There are 225 days left…

May 20, 2025

This organoid can menstruate—and shows how tissue can repair itself

Scientists have created organoids capable of regenerating similarly to the endometrium, the uterine lining that…

May 9, 2026

Tren de Aragua gang linked to brutal killing of Mexican border agent

Reports have surfaced linking one of the illegal migrants involved in the killing of a…

January 8, 2025

Iman Shumpert, Amber Rose Go On Beach Date, Just Friends

NBA champion Iman Shumpert and Amber Rose were recently spotted hanging out together in Miami,…

September 19, 2024

Panama vs. Costa Rica odds, picks, how to watch, stream: Nov. 18, 2024 Concacaf Nations League prediction

Panama will host Costa Rica for the second leg of the Concacaf Nations League quarterfinals…

November 18, 2024

You Might Also Like

Capital One releases VulnHunter, an open-source AI tool that finds software flaws before hackers do
Tech and Science

Capital One releases VulnHunter, an open-source AI tool that finds software flaws before hackers do

July 17, 2026
Scientists Solve The 40-Year Mystery of a Giant Structure Towering Over The Milky Way : ScienceAlert
Tech and Science

Scientists Solve The 40-Year Mystery of a Giant Structure Towering Over The Milky Way : ScienceAlert

July 17, 2026
Should You Still Buy a OnePlus Phone? US & Europe Exit Confirmed – Tech Advisor
Tech and Science

Should You Still Buy a OnePlus Phone? US & Europe Exit Confirmed – Tech Advisor

July 17, 2026
U.S. cities have the worst air quality in the world right now—here’s how to stay safe
Tech and Science

U.S. cities have the worst air quality in the world right now—here’s how to stay safe

July 17, 2026
logo logo
Facebook Twitter Youtube

About US


Explore global affairs, political insights, and linguistic origins. Stay informed with our comprehensive coverage of world news, politics, and Lifestyle.

Top Categories
  • Crime
  • Environment
  • Sports
  • Tech and Science
Usefull Links
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA

© 2024 americanfocus.online –  All Rights Reserved.

Welcome Back!

Sign in to your account

Lost your password?