Google Project Zero Reveals Pixel 10 Zero- Discloses Zero-Click

A newly disclosed zero-click exploit chain, targeting Google Pixel 10 devices, prompts renewed scrutiny of Android’s underlying security mechanisms.

Google Project Zero researchers demonstrated how attackers could silently compromise a device and escalate privileges to root without any user interaction by chaining just two vulnerabilities.

The attack builds on earlier research targeting Pixel 9 devices, in which a Dolby Media Framework flaw (CVE-2025-54957) enabled remote code execution.

For Pixel 10, researchers successfully adapted the same entry point with minimal effort. Most changes involved recalculating memory offsets for the updated Dolby library.

However, exploitation became slightly more complex due to the introduction of Return Address Pointer Authentication (RET PAC), which replaced traditional stack protection mechanisms.

Because the usual overwrite target (__stack_chk_fail) was no longer available, researchers identified an alternative function, dap_cpdp_init, which could be safely hijacked without disrupting system stability.

This allowed the zero-click exploit to remain effective on unpatched devices running security updates issued before December 2025.

New Privilege Escalation Path

While the initial exploit remained similar, the privilege escalation stage required a completely new approach.

The Pixel 10 no longer includes the vulnerable BigWave driver used in earlier attacks. Instead, researchers discovered a critical flaw in a newly introduced driver located at /dev/vpu.

This driver interfaces with the Chips&Media Wave677DV video processing unit on Google’s Tensor G5 chip.

During a brief audit, Project Zero researchers identified a severe vulnerability in the driver’s memory mapping functionality.

The flaw lies in how the driver handles mmap requests. Specifically, it fails to validate the size of memory being mapped when calling remap_pfn_range.

• Attackers can request oversized memory mappings.
• The driver does not enforce boundaries on mapped regions.
• This exposes large sections of physical memory, including kernel space.

Because the Android kernel is loaded at a predictable physical address on Pixel devices, attackers can directly locate and overwrite critical kernel structures.

This effectively grants arbitrary read and write access to kernel memory.

Researchers noted that achieving full kernel compromise required just a few lines of code, making this vulnerability unusually easy to exploit compared to typical kernel bugs.

By combining the Dolby zero-click vulnerability with the VPU driver flaw, attackers can:

• Execute code remotely without user interaction.
• Escalate privileges to root level.
• Take complete control of the device.

In a real-world scenario, a malicious media file could trigger the initial exploit, followed by kernel manipulation to turn off security controls or install persistent malware.

Patch and Mitigations

The vulnerability was reported on November 24, 2025, and classified as High severity.

Google addressed the issue within 71 days, releasing patches in the February 2026 Android security update, marking a notable improvement in response time compared to past driver vulnerabilities.

Despite faster remediation, the findings highlight ongoing weaknesses in Android driver development.

Notably, the vulnerable VPU driver was developed by the same team responsible for the previously flawed BigWave driver, suggesting recurring gaps in secure coding and auditing practices.

Project Zero emphasized that while faster patching is a positive step, preventing such vulnerabilities from reaching production remains critical.

The research underscores a broader challenge: even minor flaws in hardware drivers can lead to full system compromise, reinforcing the need for stronger security reviews across the Android ecosystem.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.