Qualcomm Chipset Crisis: BootROM Bug Breaches Device Security
Global cybersecurity firm Kaspersky has identified a critical hardware vulnerability in widely used Qualcomm chipsets. The flaw could allow attackers to take full control of affected devices and potentially steal sensitive user data, the firm has warned.
According to Kaspersky, the vulnerability exists in the BootROM firmware embedded in device hardware. It affects Qualcomm chipsets including MDM9x07, MDM9x45, MDM9x65, MSM8909, MSM8916, MSM8952, and the SDX50 series. There are also concerns that additional Qualcomm-based chips may be at risk. The vulnerability has been catalogued as CVE-2026-25262.
The findings were presented at the Black Hat Asia 2026 conference. Kaspersky disclosed the issue to Qualcomm in March 2025, and the company acknowledged the flaw in April of the same year.
The vulnerability is linked to the “Sahara protocol,” which is used for communication when a device enters Emergency Download Mode (EDL). This mode is typically used for device repair or software recovery. Researchers warn that if an attacker gains even brief physical access to a device, they may bypass security protections, break secure boot mechanisms, install backdoors or malicious applications, and extract critical data.
Experts caution that the flaw could enable unauthorized access to passwords, files, contacts, location data, and even device components such as cameras and microphones on smartphones or tablets. It may also introduce risks at the supply chain level.
Sergey Anufrienko, a security expert at Kaspersky ICS CERT, stated that such vulnerabilities can be exploited to install malware that is difficult to detect and remove. This could allow attackers to maintain long-term covert access to data or control over devices. He warned that simply restarting a device may not resolve the issue in all cases, as compromised devices could simulate a reboot. Fully disconnecting the power supply or restarting the device after complete battery depletion may be more effective.
Kaspersky has advised both individual users and organizations to strengthen the physical security of their devices. Particular emphasis has been placed on ensuring proper security measures during supply, maintenance, and disposal stages. The company also recommends fully disconnecting device power before restarting as a precautionary step to mitigate potential risks.
DBTech/RI/EK/OR







