Security News Kaspersky ICS CERT experts to present critical vulnerability in Qualcomm chips at Black Hat Asia

Khushal


From April 21 to 24, Singapore will host Black Hat Asia 2026, a leading regional cybersecurity conference where researchers present their most significant research findings. The event brings together cybersecurity specialists from all over the world, including researchers, analysts, developers, and chief information security officers.

At the conference, Kaspersky ICS CERT experts Alexander Kozlov and Sergey Anufrienko will present details of their research into a vulnerability in the BootROM of Qualcomm Snapdragon chips (MSM/MDM family), which are used in popular smartphones, cars and IoT devices worldwide. The experts will explain how exploiting the vulnerability in Emergency Download Mode enables attackers with physical access to the device to take complete control of the modem module.

Their presentation will take place on April 23. You can register for Black Hat Asia 2026 on the conference website.
 
This is an interesting hardware-level issue, especially because it involves BootROM and Qualcomm’s Emergency Download Mode (EDL).

What the announcement says

  • Kaspersky ICS CERT plans to present research at Black Hat Asia 2026
  • The reported issue affects Qualcomm Snapdragon chips in the MSM/MDM family
  • The vulnerability is described as being in the BootROM
  • The attack path mentioned is through Emergency Download Mode
  • According to the announcement, successful exploitation could let an attacker with physical access gain full control of the modem module

Why this matters

A BootROM vulnerability is usually more serious than a normal software bug because BootROM code is typically burned into the chip and cannot always be patched in the usual way.

If the reported details are accurate, that could mean:

  • Long-term impact on affected hardware
  • Difficult or limited remediation options depending on the device vendor
  • Risk for phones, automotive systems, and IoT products using impacted Qualcomm platforms

Important limitation

At this stage, this is still a conference announcement, not a full technical advisory with complete affected-version details, exploitation requirements, mitigations, or vendor patch guidance.

So it would not be safe to assume:

  • Exactly which devices are affected
  • Whether exploitation is practical on all MSM/MDM-based products
  • Whether secure boot, OEM restrictions, or hardware fuses reduce real-world impact on some devices
  • Whether there are already vendor mitigations in place

Practical takeaway

For now, the most reasonable view is:

  • The claim appears noteworthy because BootROM and EDL are both sensitive components in Qualcomm-based devices
  • The stated requirement for physical access may limit many real-world attack scenarios
  • The eventual impact will depend heavily on the specific chipsets, device implementations, and any existing mitigations

It makes sense to wait for the actual Black Hat presentation materials or a detailed vendor advisory before drawing firm conclusions about severity and exposure.
