Credit: Robert Triggs / Android Authority
TL;DR
- A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices.
- This is paired with a “fastboot” command oversight to bypass SELinux and gain the permissions needed to unlock the bootloader.
- This is further chained with vulnerability in Xiaomi’s Hyper OS to allow bootloader unlocking on the Xiaomi 17 series and more. Other Snapdragon 8 Elite Gen 5 phones could also be affected, though the chain of vulnerabilities could differ.
The Snapdragon 8 Elite Gen 5 is the newest flagship SoC from Qualcomm, and it’s undoubtedly one of the best chips that you can find on top Android flagships. We’re seeing widespread adoption of the SoC across phones like the Xiaomi 17 series, the OnePlus 15, and even the recently launched Galaxy S26 Ultra. This week, a new exploit came to light that appears to affect Qualcomm SoCs, primarily the latest Snapdragon 8 Elite Gen 5, allowing users to unlock the bootloader on phones that were previously notoriously difficult to unlock.
Don’t want to miss the best from Android Authority?
