Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

Posted on By CWS

Jun 02, 2025Ravie LakshmananSpyware / Vulnerability
Qualcomm has shipped safety updates to handle three zero-day vulnerabilities that it stated have been exploited in restricted, focused assaults within the wild.
The issues in query, which had been responsibly disclosed to the corporate by the Google Android Safety crew, are listed beneath –

CVE-2025-21479 and CVE-2025-21480 (CVSS rating: 8.6) – Two incorrect authorization vulnerabilities within the Graphics element that would end in reminiscence corruption as a result of unauthorized command execution in GPU microcode whereas executing a selected sequence of instructions
CVE-2025-27038 (CVSS rating: 7.5) – A use-after-free vulnerability within the Graphics element that would end in reminiscence corruption whereas rendering graphics utilizing Adreno GPU drivers in Chrome

“There are indications from Google Risk Evaluation Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 could also be underneath restricted, focused exploitation,” Qualcomm stated in an advisory.

“Patches for the problems affecting the Adreno Graphics Processing Unit (GPU) driver have been made obtainable to OEMs in Might along with a powerful suggestion to deploy the replace on affected gadgets as quickly as potential.”
There are presently no particulars on how the vulnerabilities are being exploited, in what context, and by whom. That stated, related flaws in Qualcomm chipsets (CVE-2023-33063, CVE-2023-33106, and CVE-2023-33107) have been weaponized up to now by purveyors of economic spyware and adware like Variston and Cy4Gate.
Final December, Amnesty Worldwide revealed that one other safety flaw in Qualcomm (CVE-2024-43047) had been exploited by the Serbian Safety Info Company (BIA) and the Serbian police to unlock seized Android gadgets belonging to activists, journalists, and protestors utilizing Cellebrite’s information extraction software program to achieve elevated entry and deploy an Android spyware and adware known as NoviSpy.

Discovered this text attention-grabbing? Observe us on Twitter  and LinkedIn to learn extra unique content material we publish.

The Hacker News Tags:, , , , , , ,

Related Posts

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models The Hacker News
Insights from 160 Million Attack Simulations Insights from 160 Million Attack Simulations The Hacker News
TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign The Hacker News
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers The Hacker News
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign The Hacker News
Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict The Hacker News