Pierluigi Paganini December 06, 2023
CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds four Qualcomm vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Qualcomm vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Below is the list of the issues added to the catalog: The vendor addressed the flaws CVE-2023-33106, CVE-2023-33107, and CVE-2023-33063 in October 2023. […]

Pierluigi Paganini October 04, 2023
Chipmaker Qualcomm warns of three actively exploited zero-days

Chipmaker Qualcomm addressed 17 vulnerabilities in various components and warns of three other actively exploited zero-day flaws. Chipmaker Qualcomm released security updates to address 17 vulnerabilities in several components. Three out of 17 flaws are rated Critical, 13 are rated High, and one is rated Medium in severity. The company is also warning that three […]

Pierluigi Paganini January 09, 2023
Qualcomm Snapdragon flaws impact Lenovo, Microsoft, Lenovo, and Samsung devices

Tens of software vulnerabilities affected Qualcomm firmware and impacted the devices of Microsoft, Lenovo, and Samsung. Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. Some of the flaws were reported by the efiXplorer Team at the firmware protection firm Binarly, Zinuo Han of OPPO Amber Security Lab, Gengjia Chen from […]

Pierluigi Paganini April 21, 2022
Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files. Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets. The ALAC […]

Pierluigi Paganini May 06, 2021
Qualcomm bug impacts about 30% of all smartphones

A high severity flaw, tracked as CVE-2020-11292, affects Qualcomm Mobile Station Modem chips used by around 30% of all smartphones worldwide Researchers from Checkpoint have discovered a buffer overflow vulnerability, tracked as CVE-2020-11292, in the Qualcomm Mobile Station Modem that can be exploited by attackers to trigger memory corruption and execute arbitrary code on the […]

Pierluigi Paganini November 14, 2019
Flaws in Qualcomm chips allows stealing private from devices

Security vulnerabilities in Qualcomm allow attackers to steal private data from hundreds of million millions of devices, especially Android smartphones. Security experts from Check Point have discovered security flaws in Qualcomm that could be exploited attackers to steal private data from the so-called TrustZone. The TrustZone is a security extension integrated by ARM into the […]

Pierluigi Paganini August 06, 2019
QualPwn Bugs in Qualcomm chips could allow hacking Android Over the Air

Researchers discovered two serious flaws, QualPwn bugs, in Qualcomm’s Snapdragon SoC WLAN firmware that could be exploited to hack Android device over the air. Security experts at Tencent Blade, the security elite unit at Tencent, have discovered two severe vulnerabilities, QualPwn bugs, that could “allow attackers to compromise the Android Kernel over-the-air. “QualPwn is a […]

Pierluigi Paganini April 28, 2019
Critical flaw in Qualcomm chips exposes sensitive data for Android Devices

Researchers devised a new side-channel attack in Qualcomm technology, widely used by most Android smartphones, that could expose private keys. Researchers have uncovered a new side-channel attack that could be exploited by attackers to extract sensitive data from Qualcomm secure keystore, including private keys, and passwords. The attack potentially impacts most of the modern Android […]

Pierluigi Paganini August 09, 2016
900M+ Android users exposed to hack due to Qualcomm Quadrooter flaws

Experts from Checkpoint have found four major vulnerabilities dubbed Quadrooter in Qualcomm chips that expose more than 900M Android users to hack. Security experts from the security firm Checkpoint have found four major vulnerabilities, dubbed Quadrooter, in the firmware running on the in the Qualcomm chips that equip modern Android devices. The Quadrooter flaws could be […]

Pierluigi Paganini May 06, 2016
Three-quarters of Android devices affected by the Qualcomm software flaw

Mandiant – FireEye has disclosed the details of a serious information disclosure vulnerability affecting one of the Qualcomm software package widely used. Security researchers from the Mandiant firm have discovered a “high severity” vulnerability in the Qualcomm tethering controller (CVE-2016-2060) that could be exploited by a malicious application to access user information. Recently Google released an Android update that addresses […]