Primary

Context

Qualcomm GPS Chipsets Improper Authentication Vulnerability Allowing Cryptographic Issues

Vulnerability

A cryptographic vulnerability has been identified in various chipsets by Qualcomm, including those in the Snapdragon 8 Gen 1 and 8 Gen 2 mobile platforms, as well as several other platforms and modems. The issue arises from the use of an insecure connection method for downloading, which could potentially lead to improper authentication and corrupted key usage.

Impact

Exploitation of this vulnerability could cause cryptographic issues, such as the misuse of keys or initialization vectors, which are crucial for secure communications and data integrity.

Remediation

Qualcomm has notified customers about this vulnerability and is actively sharing patches. Instructions for applying the patch can be found in the Qualcomm July 2025 Security Bulletin.

Added: Jul 8, 2025, 2:57 PM

Updated: Jul 8, 2025, 2:57 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm GPS Chipsets Improper Authentication Vulnerability Allowing Cryptographic Issues

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating