Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Posted on August 5, 2025August 5, 2025 By CWS

Aug 05, 2025Ravie LakshmananVulnerability / Cellular Safety
Google has launched safety updates to handle a number of safety flaws in Android, together with fixes for 2 Qualcomm bugs that have been flagged as actively exploited within the wild.
The vulnerabilities embody CVE-2025-21479 (CVSS rating: 8.6) and CVE-2025-27038 (CVSS rating: 7.5), each of which have been disclosed alongside CVE-2025-21480 (CVSS rating: 8.6), by the chipmaker again in June 2025.
CVE-2025-21479 pertains to an incorrect authorization vulnerability within the Graphics part that might result in reminiscence corruption resulting from unauthorized command execution in GPU microcode.
CVE-2025-27038, however, use-after-free vulnerability within the Graphics part that might end in reminiscence corruption whereas rendering graphics utilizing Adreno GPU drivers in Chrome.
There are nonetheless no particulars on how these shortcomings have been weaponized in real-world assaults, however Qualcomm famous on the time that “there are indications from Google Risk Evaluation Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 could also be beneath restricted, focused exploitation.”
On condition that related flaws in Qualcomm chipsets have been exploited by industrial spy ware distributors like Variston and Cy4Gate prior to now, it is suspected that the aforementioned shortcomings may have been abused in an identical context.

The three vulnerabilities have since been added to the U.S. Cybersecurity and Infrastructure Safety Company’s (CISA) Recognized Exploited Vulnerabilities (KEV) catalog, requiring federal companies to use the updates by June 24, 2025.
Google’s August 2025 patch additionally resolves two high-severity privilege escalation flaws in Android Framework (CVE-2025-22441 and CVE-2025-48533) and a important bug within the System part (CVE-2025-48530) that might end in distant code execution when mixed with different flaws with out requiring any extra privileges or consumer interplay.
The tech big has made obtainable two patch ranges, 2025-08-01 and 2025-08-05, with the latter additionally incorporating fixes for closed-source and third-party parts from Arm and Qualcomm. Android gadget customers are suggested to use the updates as and once they develop into obtainable to remain protected towards potential threats.

The Hacker News Tags:August, Exploited, Fixes, Googles, Patch, Qualcomm, Vulnerabilities, Wild

Post navigation

Previous Post: APT36 Hackers Attacking Indian Government Entities to Steal Login Credentials
Next Post: Cloudflare Accuses Perplexity AI For Evading Firewalls and Crawling Websites by Changing User Agent

Related Posts

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan The Hacker News
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub The Hacker News
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown The Hacker News
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play The Hacker News
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC The Hacker News
Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AI Is Transforming Cybersecurity Adversarial Testing
  • Threats Actors Poisoned Bing Search Results to Deliver Bumblebee Malware if User Searched for ‘ManageEngine OpManager’
  • Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks
  • CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks
  • U.S. Treasury Warns of Crypto ATMs Fueling Criminal Activity

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AI Is Transforming Cybersecurity Adversarial Testing
  • Threats Actors Poisoned Bing Search Results to Deliver Bumblebee Malware if User Searched for ‘ManageEngine OpManager’
  • Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks
  • CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks
  • U.S. Treasury Warns of Crypto ATMs Fueling Criminal Activity

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News