Qualcomm Patches Three Zero-Day Vulnerabilities Exploited in Android Attacks Targeting Adreno GPU

In a critical move for mobile security, Qualcomm has issued patches for three actively exploited zero-day vulnerabilities affecting its Adreno GPU and compute components used widely in Android devices.

The vulnerabilities, which were under active exploitation in targeted attacks, highlight the increasing interest of advanced threat actors in leveraging graphics processing units (GPUs) as attack surfaces. Qualcomm confirmed the flaws tracked as CVE-2024-29748, CVE-2024-29747, and CVE-2024-29745 were used in real-world attacks before being publicly disclosed.

These zero-days impacted the Adreno GPU driver and Compute DSP (Digital Signal Processor), giving attackers the ability to execute arbitrary code, elevate privileges, or escape sandbox protections on affected Android devices. While Qualcomm did not disclose specific threat actors, the use of zero-days strongly suggests exploitation by nation-state-level or APT (Advanced Persistent Threat) groups.

For cybersecurity leaders, this incident underlines the need for mobile threat monitoring, GPU-level security visibility, and timely patch management across enterprise endpoints. With mobile devices becoming integral to the enterprise attack surface, reliance on chip-level security patches like those from Qualcomm is only increasing.

Organizations should work closely with Android OEMs and MDM solutions to validate deployment of these security updates across fleets of devices. As attackers expand their techniques beyond traditional vectors, defensive strategies must evolve to protect firmware, drivers, and hardware-specific code paths.