6/27/2025Research by:  Bruno Produit, Luca Glockow, Rachna ShriwasKey takeaways1. Due to Qualcomm’s proprietary architecture, a lack of security tooling exists around their baseband2. Our tooling enables research on Hexagon baseband with significantly reduced engineering work3. We release the first open-source toolchain for full-system emulated Hexagon firmware fuzzing at TROOPERS25OverviewEvery phone has a cellular baseband processor to handle mobile communications (5G, 4G, GPS, and more). Qual...