This work uncovers, for the first time, the security vulnerability of machine learning–driven multi-qubit readout error correction classifiers under physical fault injection—specifically, voltage glitching. Using a representative 5-qubit, 32-class readout model, we conduct systematic glitch attacks on the ChipWhisperer Husky platform, integrating automated parameter sweeps with Hamming distance and per-bit flip statistical analysis. We identify strong layer-dependent fault sensitivity: earlier network layers exhibit higher misclassification rates, and a single glitch can induce structured (non-random) cascading bit errors in readout outputs. This study formally establishes ML-based readout error correction as a critical component in quantum hardware security. Consequently, we propose lightweight fault-tolerant and redundancy design requirements, providing both theoretical foundations and practical guidelines for building physically attack–resistant quantum measurement pipelines.

Machine-learning (ML) classifiers are increasingly used in quantum computing systems to improve multi-qubit readout discrimination and to mitigate correlated readout errors. These ML classifiers are an integral component of today's quantum computer's control and readout stacks. This paper is the first to analyze the susceptibility of such ML classifiers to physical fault-injection which can result in generation of incorrect readout results from quantum computers. The study targets 5-qubit (thus 32-class) readout error-correction model. Using the ChipWhisperer Husky for physical voltage glitching, this work leverages an automated algorithm for scanning the fault injection parameter search space to find various successful faults in all the layers of the target ML model. Across repeated trials, this work finds that fault susceptibility is strongly layer-dependent: early-layers demonstrate higher rates of misprediction when faults are triggered in them, whereas later layers have smaller misprediction rates. This work further characterizes the resulting readout failures at the bitstring level using Hamming-distance and per-bit flip statistics, showing that single-shot glitches can induce structured readout corruption rather than purely random noise. These results motivate treating ML-based quantum computer readout and readout correction as a security-critical component of quantum systems and highlight the need for lightweight, deployment-friendly fault detection and redundancy mechanisms in the quantum computer readout pipelines.