Affiliate links on Android Authority may earn us a commission.Learn more.
Millions of Android phones are vulnerable to a Snapdragon security flaw
July 19, 2025
If you’re using an Android phone with aSnapdragon chip inside, there’s a good chance it’s susceptible to a host of potentially serious security flaws. Check Point security researchers say they’vediscoveredmore than 400 code vulnerabilities, nicknamed “Achilles,” in the digital signal processors (DSPs) of Qualcomm’s Snapdragon chips.
The team is keeping the details a secret to prevent malicious use of the vulnerabilities before there’s a fix. The consequences can be serious, however. Check Point says attackers can quietly record calls, steal data, render devices unusable, and even install completely silent, non-removable malware.
It’s not clear how easy it is to exploit the flaws as a result. However, the researchers used “fuzz testing technologies” and other methods to identify flaws in the DSPs, which tend to be black boxes that are harder to study. Check Point noted that phone vendors couldn’t simply fix this as the chipmaker (in this case, Qualcomm) had to address the issues first.
See also:The best antivirus and anti-malware apps for Android
Solutions are thankfully on the way. Qualcomm has acknowledged the flaws and shared details with brands while it provides “appropriate mitigations” to brands, a spokesperson toldMarketWatch. The representative also said there was “no evidence” of active exploits, and that users could minimize their risk by getting patches when available and downloading apps from “trusted” outlets like the Google Play Store.
The practical threat is relatively low until and unless there’s an Achilles exploit in the wild. Even so, there’s a significant reason to be concerned. Snapdragon chips were in an estimated 40% of the phones that shipped in 2019 and are present in devices from heavyweights like Samsung, LG, and Xiaomi. That potentially leaves “hundreds of millions” of phones exposed, according to Check Point research head Yaniv Balmas, and fixing them all could be difficult or impossible.
Qualcomm itselfprovides extended supportfor Android devices, but that doesn’t extend to the vendors themselves. As has become all too clear, Android vendors arehistorically slow to deliver updatesand maycut off supportconsiderably sooner than Qualcomm. Although security patches are sometimes delivered sooner and beyond the usual support schedules, there may be millions of phones that never get fixes due to age or vendors’ update policies.
Thank you for being part of our community. Read ourComment Policybefore posting.
