# Kaspersky ICS CERT discovered a hardware-level vulnerability affecting Qualcomm chipsets.

*semiconductor · news · 2026-04-27 · manilastandard.net*

## Key points

- Kaspersky discovered a BootROM vulnerability in multiple Qualcomm chipsets affecting both consumer and industrial devices.
- The vulnerability, CVE-2026-25262, can be exploited via the Sahara protocol in Emergency Download Mode.
- Attackers need only a few minutes of physical access to fully compromise affected Qualcomm-based devices.
- A standard reboot may not remove malware; only complete power loss or battery depletion ensures device reset.
- The risk of compromise includes not only user handling but also the supply chain and repair processes.

**Companies:** Qualcomm, Kaspersky
**Countries:** Russia, United States

[Read the full story on manilastandard.net](https://manilastandard.net/tech/314732460/kaspersky-discovers-vulnerability-in-qualcomm-snapdragon-chips-that-can-lead-to-data-loss-device-compromise.html)

---

Canonical: https://newsio.io/n/7128f25d-106d-4164-8948-5832dfbe881b/kaspersky-ics-cert-discovered-a-hardware-level-vulnerability-affecting-qualcomm
Summarized by Newsio from manilastandard.net. https://newsio.io/how-it-works