Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Meta agrees to Indian AI data center deal as hyperscaler bolsters its infrastructure

    July 3, 2026

    Apple is reportedly planning new iPad Pro and MacBook Pro releases early next year

    July 3, 2026

    Korea taps Samsung, SK Hynix in $576 billion AI-chip drive to cement global leadership

    July 3, 2026
    Facebook X (Twitter) LinkedIn
    Trending
    • Meta agrees to Indian AI data center deal as hyperscaler bolsters its infrastructure
    • Apple is reportedly planning new iPad Pro and MacBook Pro releases early next year
    • Korea taps Samsung, SK Hynix in $576 billion AI-chip drive to cement global leadership
    • First look at the Samsung Galaxy Z Fold 8, Z Flip 8, and Z Fold 8 Ultra
    • Global leaders launch AI for Good Global Commission to expand access, strengthen trust and accelerate impact
    • Apple plans five new iPhones through 2027, eyes Chinese-made chips amid foldable push, reports say
    • SLT-Mobitel becomes first MSP to partner Versa to deliver next-generation SASE solutions to empower Sri Lankan enterprises
    • Sri Lanka’s best digital innovators honoured at SLASSCOM National Ingenuity Awards 2026
    Facebook X (Twitter) LinkedIn
    Techie.LKTechie.LK
    Demo
    • Home
    • Local
      1. AI & Machine Learning
      2. Consumer Tech
      3. Cybersecurity
      4. Enterprise Tech
      5. Fintech & Digital Payments
      6. GovTech & e-Governance
      7. Legal & Regulatory Tech
      8. Science & Innovation
      9. Startups & Venture
      10. Telecom & Connectivity
      Featured

      SLT-Mobitel becomes first MSP to partner Versa to deliver next-generation SASE solutions to empower Sri Lankan enterprises

      By Techie.lkJuly 3, 20261
      Recent

      SLT-Mobitel becomes first MSP to partner Versa to deliver next-generation SASE solutions to empower Sri Lankan enterprises

      July 3, 2026

      Sri Lanka’s best digital innovators honoured at SLASSCOM National Ingenuity Awards 2026

      July 3, 2026

      Sri Lanka’s Long-Awaited PayPal Access Is Here, With Room Still to Grow

      May 31, 2026
    • International
      • AI & Machine Learning
      • Consumer Tech
      • Cybersecurity
      • Enterprise Tech
      • Fintech & Digital Payments
      • GovTech & e-Governance
      • Legal & Regulatory Tech
      • Science & Innovation
      • Startups & Venture
      • Telecom & Connectivity
    • Interviews
    • Profiles
    • Analysis
    • Contributors
    • Podcasts
    • More
      • About Us
      • Contact Us
    Techie.LKTechie.LK
    Home»International»Kaspersky discovers vulnerability in Qualcomm Snapdragon chips leading to data loss and device compromise
    International

    Kaspersky discovers vulnerability in Qualcomm Snapdragon chips leading to data loss and device compromise

    Techie.lkBy Techie.lkApril 23, 2026Updated:April 24, 2026No Comments1 Views
    Facebook Twitter LinkedIn WhatsApp Reddit Tumblr Email
    Kaspersky discovers vulnerability in Qualcomm Snapdragon chips that can lead to data loss and device compromise
    Share
    Facebook Twitter LinkedIn

    Kaspersky ICS CERT discovered a hardware-level vulnerability affecting Qualcomm chipsets that are widely used in a range of consumer and industrial devices, including smartphones and tablets, car components, IoT devices and more. The vulnerability resides in theBootROM – firmware embedded at the hardware level. Attackers could potentially get access to any data stored on the device or device sensors like camera and microphone, implement complicated attack scenarios and in some circumstances get full control of the device. The results of the research were presented at Black Hat Asia 2026.

    The vulnerability affects Qualcomm MDM9x07, MDM9x45, MDM9x65, MSM8909, MSM8916, MSM8952 and SDX50 series and was reported to Qualcomm in March 2025. Qualcomm formally acknowledged the vulnerability in April 2025. It has been assigned a CVE-2026-25262. Other Qualcomm-based chips may be affected as well.

    Kaspersky researchers explored the Sahara protocol, a low-level communication system used when a Qualcomm chip enters Emergency Download Mode (EDL) – a special recovery mode designed for repairing or restoring smartphones or other devices. Sahara acts as the first step that allows a computer to connect to the device and load software before the operating system on the device starts.

    Kaspersky demonstrated that a security flaw in this process could allow an attacker with physical access to the target device to bypass key security protections in the chip, compromise the secure boot chain and, in some cases, deploy malicious applications and backdoors to the chip’s Application Processor, thus fully compromising the entire device. For example, in cases when the target device is a smartphone or a tablet, the attacker can potentially get access to entered user passwords, and subsequently this opens further access to multiple types of sensitive user data, such as files, contacts, location, access to the devices’ camera and microphone, etc.

    A potential attacker only needs a few minutes of physical access to a device to compromise it. Therefore, if a smartphone has been sent for repair or left unattended for a short time, one can no longer be sure it is not infected. Researchers warn that the threat extends beyond end-user scenarios to include potential compromise during the supply chain phase.

    “Vulnerabilities like this may allow attackers to deploy malware that is difficult to detect and remove. In practice, this could enable covert data collection or influence device behavior over extended periods of time. While a reboot might seem like an effective way to remove such malware, it cannot always be relied upon: compromised systems may simulate a reboot without actually resetting. In such cases, only a complete loss of power – including battery depletion – guarantees a clean restart,” comments Sergey Anufrienko, security expert at Kaspersky ICS CERT.

    Kaspersky advises organizations and individual users to exercise strict physical security control over devices including at the supply, maintenance and decommissioning phases. A reboot of the device by cutting off the power supply to the affected chip (if available) or full battery discharge may help to get rid of the malware if it was installed. Read the advisory on the website of Kaspersky ICS CERT.

    Share. Facebook Twitter LinkedIn
    Techie.lk
    • Website

    Related Posts

    Meta agrees to Indian AI data center deal as hyperscaler bolsters its infrastructure

    July 3, 2026

    Apple is reportedly planning new iPad Pro and MacBook Pro releases early next year

    July 3, 2026

    Korea taps Samsung, SK Hynix in $576 billion AI-chip drive to cement global leadership

    July 3, 2026
    Leave A Reply Cancel Reply

    Demo
    Top Posts

    Sri Lanka’s USD 2.5 Million Cyber Fraud: Investigations Underway as Questions Emerge Over Payment Process

    April 23, 20268

    Sampath Bank and Apartner Bring Digital Payments to Sri Lanka’s Growing Condominium Sector

    March 16, 20268

    Moose Fan App gains significant traction throughout T20 World Cup

    March 12, 20266

    LankaPropertyWeb Unveils “Apartment Finder”: A Game-Changer in the Real Estate Market

    March 10, 20266
    Don't Miss
    International

    Meta agrees to Indian AI data center deal as hyperscaler bolsters its infrastructure

    By Techie.lkJuly 3, 20261

    Meta Platforms said on Wednesday it will lease an artificial intelligence-enabled data center in India…

    Apple is reportedly planning new iPad Pro and MacBook Pro releases early next year

    July 3, 2026

    Korea taps Samsung, SK Hynix in $576 billion AI-chip drive to cement global leadership

    July 3, 2026

    First look at the Samsung Galaxy Z Fold 8, Z Flip 8, and Z Fold 8 Ultra

    July 3, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • LinkedIn

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Demo
    About Us
    About Us

    Your source for the lifestyle news. This demo is crafted specifically to exhibit the use of the theme as a lifestyle site. Visit our main page for more demos.

    We're accepting new partnerships right now.

    Email Us: techielkeditor@gmail.com
    Contact: +94 77 328 0773

    Facebook X (Twitter) LinkedIn
    Our Picks

    Meta agrees to Indian AI data center deal as hyperscaler bolsters its infrastructure

    July 3, 2026

    Apple is reportedly planning new iPad Pro and MacBook Pro releases early next year

    July 3, 2026

    Korea taps Samsung, SK Hynix in $576 billion AI-chip drive to cement global leadership

    July 3, 2026
    Most Popular

    Sri Lanka’s USD 2.5 Million Cyber Fraud: Investigations Underway as Questions Emerge Over Payment Process

    April 23, 20268

    Sampath Bank and Apartner Bring Digital Payments to Sri Lanka’s Growing Condominium Sector

    March 16, 20268

    Moose Fan App gains significant traction throughout T20 World Cup

    March 12, 20266
    © 2026 Techie. Designed by NIKO.
    • Terms & Conditions
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.