CVE-2026-24088
Received
Received - Intake
Unauthorized Bootloader Write Access in Qualcomm Chipset
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: Qualcomm, Inc.
Description
Description
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a cryptographic issue that occurs while processing a specific partition. It allows unauthorized users to write and load a customized bootloader onto the device.
How can this vulnerability impact me? :
The vulnerability can have a severe impact as it allows unauthorized write access to the bootloader. This can lead to complete compromise of the device's integrity, confidentiality, and availability, potentially allowing attackers to execute arbitrary code during boot and gain high-level control over the system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70