On Tuesday, Qualcomm issued urgent security warnings about three critical vulnerabilities affecting its widely used smartphone processors, pushing Google’s Threat Analysis Group (TAG) to alert manufacturers and hasten patch deployments for billions of its devices globally by pushing an Android security patch level, according to The Hackers News.
The chipmaker’s advisory was triggered by state-sponsored attack patterns detected by Google’s cybersecurity team, while Qualcomm released firmware fixes. The incident became a persistent challenge for the California-based manufacturer when it came to ensuring timely updates across Android’s fragmented ecosystem.
It is worth mentioning that many older devices may remain exposed to potential exploits of these chip-level flaws.
The flaws exploit Adreno graphics processors used in high-end Qualcomm chipsets such as the 2021 Snapdragon 888, the 2022 8 Gen 2, and the 2023 8 Gen 3 series. Qualcomm has termed the issues as high-severity android security issues that “can be under limited, targeted exploitation.”
The alert implied that certain hackers were probably already trying to exploit the issues, but the attacks require physical, or “local,” access to the device.
Google TAG Spots Active Exploitation
Earlier this year, Google’s TAG first reported two of these Android security holes, and a third one was reported in March. Since the bugs interfere with the graphics processor and memory management, attackers can exploit them to bypass devices or extract confidential information.
Qualcomm is urging users to be aware of Android update setting coming from their phone manufacturers and install the updates at the earliest opportunity.
Staying at the latest Android security patch level is the best protection for your device against these exploits. Two of the flaws:
- CVE-2025-21479 and CVE-2025-21480, are memory corruption as a result of unauthorized GPU micronode commands.
- Third flaw, CVE-2025-27038, is Chrome browser memory corruption but with access to addresses that have been autonomous.
While the first two occur in most flagship Snapdragon processors, the third mostly occurs in lower-end as well as mid-range models such as Snapdragon 6 Gen 1, Snapdragon 4 Gen 2, and Snapdragon 680.Qualcomm released an Android exploit patch to manufacturers in May, and the users need to check their security patch level, so they apply these critical reinforcements.
Android Security Patch Level
Applying the latest firmware update Android from your device company is key to guard against these threats. By keeping your phone updated, you can protect it from such vulnerabilities and make your device’s privacy and security stronger.
“Qualcomm Technologies is committed to providing technologies that support robust security and privacy. We advise customers to apply security updates as soon as they are made available by device manufacturers,” the company stated.
These vulnerabilities highlight the ongoing challenges in securing complex mobile systems where hardware and software interact. Qualcomm’s prompt release of patches demonstrates the critical role of collaboration between chipmakers, software developers, and device manufacturers.
However, the effectiveness of these efforts ultimately depends on users maintaining the latest Android security patch level. Without widespread adoption of these updates, even high-quality patches may fail to prevent exploitation, leaving millions of devices vulnerable.
It’s essential to protect personal data and device integrity in today’s cyber threat environment.
Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Tech sections to stay informed and up-to-date with our daily articles.