uefi-app-spoofing
×
bug-bounty
1298
malware
647
exploit
563
microsoft
558
google
552
security
533
xss
483
rce
427
cybersecurity
358
supply-chain
334
cve
324
facebook
300
apple
296
node
202
writeup
178
phishing
174
browser
163
account-takeover
159
web3
151
reverse-engineering
148
cloud
140
aws
139
vulnerability
125
docker
124
ai
123
7
0
A multi-stage exploit chain in Qualcomm's GBL (Generic Bootloader Library) on Android 16 Snapdragon 8 Elite Gen 5 devices allows bootloader unlocking by exploiting unsigned code loading in the efisp partition, combined with a fastboot command sanitization bypass to set SELinux to Permissive mode. The chain is further leveraged via Xiaomi's Hyper OS MQSAS service to bypass strict OEM bootloader unlock restrictions on Chinese-market devices.