Post

Qualcomm Patches Three Critical Zero-Day Vulnerabilities in Adreno GPU

Qualcomm has released crucial security updates to address three zero-day vulnerabilities exploited in targeted Android attacks via the Adreno GPU. Learn about the flaws, their impact, and the importance of updating.

Posted
By Vitus White
1 min read
Qualcomm Patches Three Critical Zero-Day Vulnerabilities in Adreno GPU

TL;DR

Qualcomm has addressed three zero-day vulnerabilities in the Adreno GPU, which were exploited in targeted Android attacks. The flaws, responsibly disclosed by the Google Android Security team, highlight the importance of timely security updates.

Critical Zero-Day Vulnerabilities Patched by Qualcomm

Qualcomm has recently released security updates to address three zero-day vulnerabilities that have been exploited in limited, targeted attacks on Android devices. These vulnerabilities, identified in the Adreno GPU, were responsibly disclosed to Qualcomm by the Google Android Security team. The flaws, listed below, underscore the ongoing challenge of securing mobile devices against sophisticated threats.

Vulnerabilities Details

  1. CVE-2025-21479 and CVE-2025-21480 (CVSS score: 8.6)
    • Description: Two incorrect authorization vulnerabilities in the Graphics.
    • Impact: These vulnerabilities could allow an attacker to gain unauthorized access to sensitive information or execute arbitrary code.
  2. CVE-2025-21481 (CVSS score: 7.8)
    • Description: A use-after-free vulnerability in the Graphics.
    • Impact: Exploitation of this vulnerability could lead to memory corruption, potentially allowing an attacker to execute malicious code.

Importance of Timely Updates

The discovery and patching of these vulnerabilities highlight the critical role of regular security updates in protecting mobile devices. Users are strongly advised to apply the latest updates from Qualcomm to mitigate the risks associated with these zero-day exploits. Timely updates are essential in defending against emerging threats and ensuring the integrity of mobile devices.

For more details, visit the full article: source.

Conclusion

The identification and patching of these zero-day vulnerabilities by Qualcomm underscore the continuous need for vigilance in cybersecurity. As threats evolve, timely updates and proactive security measures are crucial in safeguarding mobile devices. Users and organizations alike must prioritize security updates to protect against potential exploits and ensure the safety of their data1.

References

  1. (June 2, 2025). “Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU”. The Hacker News. Retrieved June 2, 2025. ↩︎

Cybersecurity & Data Protection, Vulnerabilities
cybersecurity vulnerability android
This post is licensed under CC BY 4.0 by the author.