## Google & CISA Confirm Active 0-Day Attacks Exploiting Critical Qualcomm Graphics Flaw in Android Devices
Google and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have confirmed active exploitation of a critical zero-day vulnerability in Android devices. The flaw is a Qualcomm zero-day, specifically an integer overflow within the Graphics subcomponent. According to Adam Boynton, senior enterprise strategy manager at Jamf, the vulnerability means "an attacker could cause severe memory corruption, allowing them to bypass security controls and gain unauthorised control over the system." This type of exploit provides attackers with a direct path to compromise device security and take full control. The confirmation from both Google and CISA indicates the attacks are not theoretical but are actively being used in the wild against Android devices. The vulnerability resides in a core hardware component from Qualcomm, a major chipset supplier, potentially affecting a wide range of Android smartphones and tablets. The public advisory serves as an urgent call for users and organizations to apply the latest security updates immediately to mitigate the risk of device takeover.
---
- **Source**: 
- **Sector**: The Network
- **Tags**: android, cybersecurity, vulnerability, zero-day, qualcomm
- **Credibility**: unverified
- **Published**: 2026-03-06 14:48:10
- **ID**: 2620
- **URL**: https://whisperx.ai/en/intel/2620