Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Apple Hide My Email Flaw Exposed Real User Email Addresses
July 1, 2026
Critical Fluentd Vulnerabilities Allow Remote Code Execution
July 1, 2026
Weaponized Google Ads Install Malicious Claude Code to Hijack macOS
July 1, 2026
Home/CyberSecurity News/Google Project Zero Discloses Zero-Click Exploit Chain for Pixel 10 Phones
CyberSecurity News

Google Project Zero Discloses Zero-Click Exploit Chain for Pixel 10 Phones

Key Takeaways Google Project Zero researchers unveiled a critical zero-click exploit chain targeting Pixel 10 devices. The two-stage attack leverages a Dolby Media Framework vulnerability for remote...

Sarah simpson
Sarah simpson
May 16, 2026 4 Min Read
53 0

Key Takeaways

  • Google Project Zero researchers unveiled a critical zero-click exploit chain targeting Pixel 10 devices.
  • The two-stage attack leverages a Dolby Media Framework vulnerability for remote code execution and a new flaw in the /dev/vpu driver for privilege escalation to root.
  • No user interaction is required for a complete device compromise.
  • The vulnerabilities were patched by Google in the February 2026 Android security update.

Zero-Click Exploit Chain Targets Pixel 10 Devices

Cybersecurity researchers at Google Project Zero have unveiled a sophisticated zero-click exploit chain capable of completely compromising Google Pixel 10 smartphones without any user interaction. This discovery renews focus on the inherent security challenges within Android’s foundational components, particularly hardware drivers.

Table Of Content

  • Key Takeaways
  • Zero-Click Exploit Chain Targets Pixel 10 Devices
  • Initial Compromise: Adapting a Known Flaw
  • New Privilege Escalation Path Discovered
  • Patch and Mitigations
  • What You Should Do

The attack, detailed by Project Zero, demonstrates how chaining two distinct vulnerabilities allows an attacker to gain root privileges and full control over a target device silently.

Initial Compromise: Adapting a Known Flaw

The first stage of the exploit leverages a vulnerability within the Dolby Media Framework, building upon prior research that targeted Pixel 9 devices. While a similar flaw (CVE-2025-54957) previously enabled remote code execution on older models, Project Zero researchers successfully adapted this entry point for the Pixel 10 with minimal modifications. Their primary adjustments involved recalculating memory offsets to account for updates in the Dolby library.

Exploitation on the Pixel 10 presented a slightly increased complexity due to the implementation of Return Address Pointer Authentication (RET PAC), which replaced older stack protection mechanisms. With the traditional overwrite target (__stack_chk_fail) no longer viable, researchers identified an alternative function, dap_cpdp_init, that could be safely hijacked without affecting system stability. This adaptation ensured the zero-click exploit remained effective on devices running security updates prior to December 2025.

New Privilege Escalation Path Discovered

While the initial remote code execution vector was an adaptation, the privilege escalation phase required a completely novel approach. The Pixel 10 no longer incorporates the vulnerable BigWave driver exploited in previous attacks. Instead, Project Zero discovered a severe flaw in a newly introduced driver located at /dev/vpu. This driver interacts with the Chips&Media Wave677DV video processing unit, an integral component of Google’s Tensor G5 chip.

During a focused audit, Project Zero researchers identified a critical vulnerability in the driver’s memory mapping functionality. The flaw stems from the driver’s improper handling of mmap requests; specifically, it fails to validate the size of memory being mapped when invoking remap_pfn_range. This oversight allows attackers to:

  • Request oversized memory mappings.
  • Bypass boundary enforcement on mapped regions.
  • Expose extensive sections of physical memory, including sensitive kernel space.

Given that the Android kernel typically loads at a predictable physical address on Pixel devices, attackers can directly pinpoint and overwrite crucial kernel structures. This grants arbitrary read and write access to kernel memory, effectively enabling full system compromise. Researchers highlighted that achieving complete kernel control required only a few lines of code, making this particular kernel vulnerability unusually straightforward to exploit.

By combining the Dolby zero-click remote code execution vulnerability with the VPU driver flaw, an attacker can:

  • Execute arbitrary code remotely without any user interaction.
  • Escalate privileges to the highest root level.
  • Achieve complete control over the compromised device.

In a real-world attack scenario, a specially crafted malicious media file could trigger the initial exploit, followed by kernel manipulation to disable security controls or install persistent malware.

Patch and Mitigations

The vulnerabilities were reported to Google on November 24, 2025, and were classified as High severity. Google responded swiftly, addressing the issues within 71 days and releasing patches as part of the February 2026 Android security update. This response time represents a notable improvement in addressing driver-related vulnerabilities compared to past incidents.

Despite the faster remediation, these findings underscore persistent weaknesses in Android’s driver development ecosystem. Notably, the vulnerable VPU driver was developed by the same team responsible for the previously flawed BigWave driver, suggesting ongoing gaps in secure coding practices and audit processes. Project Zero emphasized that while quicker patching is a positive development, preventing such vulnerabilities from reaching production devices in the first place remains paramount. This research reinforces the broader challenge that even seemingly minor flaws in hardware drivers can lead to full system compromise, highlighting the urgent need for more robust security reviews across the entire Android ecosystem.

What You Should Do

  • Ensure your Google Pixel 10 device is updated to the latest Android security patch, specifically the February 2026 update or newer.
  • Enable automatic security updates on your device to receive critical patches promptly.
  • Exercise caution when opening media files from untrusted sources, although this zero-click vulnerability requires no user interaction.
  • Regularly back up your device data to mitigate potential impact from unforeseen security incidents.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitMalwarePatchSecurityVulnerability

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

Android 16 VPN Bypass Exposes User IP Addresses to Malicious Apps

Next Post

Critical Linux Kernel Flaw CVE-2024-XXXX Lets Attackers Read SSH Keys

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Citrix NetScaler ADC and Gateway Bugs Allow DoS, Memory Overflow
July 1, 2026
Critical Vulnerability in Windows Drivers Lets Attackers Disable Security Software
July 1, 2026
Automotive Manufacturer Boosts SOC Triage Speed, Closes Supplier Security Gap
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us