Google Project Zero Reveals Silent Zero-Click Exploit Chain Rooting Pixel 10 Devices

dark6 17 May 2026

Google Project Zero has published details of a fully functional zero-click exploit chain targeting Google Pixel 10 devices, raising the alarm across the Android security community. The research demonstrates that an attacker can silently compromise and gain root-level control of an unpatched Pixel 10 without any interaction from the device owner.

How the Attack Works

The exploit chain builds on Project Zero's earlier research against the Pixel 9. The remote entry point is CVE-2025-54957, a vulnerability in the Dolby media framework that yields code execution when the device parses a specially crafted media file; no click, prompt or other user action is involved. For the Pixel 10 the researchers reused the same exploit with minimal changes, mainly recalculating memory offsets for the updated Dolby library version.

One notable change on the Pixel 10 is that the conventional stack canaries are replaced by return-address signing with ARM Pointer Authentication (PAC-RET), so a corrupted saved return address fails authentication before it is used. Because the function hijacked in the Pixel 9 exploit was therefore no longer usable, the researchers identified an alternative function that could be hijacked without destabilizing the process, which preserved the zero-click entry vector on devices with security patch levels earlier than December 2025.

A New Privilege Escalation Path via the VPU Driver

While the entry point remained similar, the privilege escalation stage required a completely new approach. The Pixel 10 no longer includes the vulnerable BigWave driver exploited in the earlier research. Instead, Project Zero found a critical flaw in a newly introduced driver for the Chips and Media Wave677DV video processing unit (VPU) on Google's Tensor G5 chip.

The vulnerability lies in the driver's mmap handler. When a user-space process maps the device, the driver does not check the size of the requested region against the buffer it is meant to expose. This allows an attacker to:

  • Request oversized memory mappings that exceed intended boundaries.
  • Gain read and write access to large sections of physical memory, including kernel space.
  • Locate and overwrite critical kernel structures; because the Android kernel is loaded at a predictable physical address on Pixel devices, no separate information leak is needed to find them.

Researchers noted that exploiting this flaw required only a few lines of code, making it unusually accessible compared to typical kernel-level bugs. Full kernel compromise — arbitrary read and write access — was achievable with minimal effort.
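The following is an added illustration of the bug class described above, not code from Project Zero or the VPU driver's source. It is a user-space model: `struct vma` and `struct vpu_buf` stand in for the kernel's `vm_area_struct` and the driver's video buffer, `fake_remap_pfn_range()` records what a real `remap_pfn_range()` call would have mapped, and all addresses, the buffer size and the fixed kernel load address `KERNEL_PHYS` are made up. The vulnerable handler maps whatever length and offset user space asks for; the hardened one bounds the request to the buffer with a check that cannot overflow.

```c
#include <errno.h>
#include <stdio.h>

/* Added example (not the driver's code): user-space model of an unchecked mmap handler.
 * Addresses below are made up; KERNEL_PHYS is a hypothetical fixed kernel load address. */

#define PAGE_SHIFT  12UL
#define PAGE_SIZE   (1UL << PAGE_SHIFT)
#define KERNEL_PHYS 0x80200000UL

struct vma {                    /* subset of the kernel's struct vm_area_struct */
    unsigned long vm_start;     /* user virtual start */
    unsigned long vm_end;       /* user virtual end, exclusive */
    unsigned long vm_pgoff;     /* caller-chosen offset into the buffer, in pages */
};

struct vpu_buf {                /* a physically contiguous buffer the driver owns */
    unsigned long phys;         /* physical base, page aligned */
    unsigned long size;         /* bytes, page multiple */
};

struct mapping {                /* what the simulated remap produced */
    unsigned long first_pfn;
    unsigned long npages;
};

/* Stand-in for remap_pfn_range(): record the range instead of touching page tables. */
static int fake_remap_pfn_range(struct mapping *m, unsigned long pfn, unsigned long len)
{
    m->first_pfn = pfn;
    m->npages = len >> PAGE_SHIFT;
    return 0;
}

/* The bug class: the kernel only guarantees a page-aligned vma, so a handler that
 * trusts vm_end - vm_start and vm_pgoff maps whatever physical range the caller asks for. */
int vpu_mmap_vulnerable(const struct vpu_buf *buf, const struct vma *vma, struct mapping *out)
{
    unsigned long len = vma->vm_end - vma->vm_start;
    unsigned long pfn = (buf->phys >> PAGE_SHIFT) + vma->vm_pgoff;   /* can wrap */

    return fake_remap_pfn_range(out, pfn, len);
}

/* Hardened handler: the request must lie inside the buffer, tested as
 * len <= size - off (cannot overflow) rather than off + len <= size (can). */
int vpu_mmap_hardened(const struct vpu_buf *buf, const struct vma *vma, struct mapping *out)
{
    unsigned long len = vma->vm_end - vma->vm_start;
    unsigned long buf_pages = buf->size >> PAGE_SHIFT;
    unsigned long len_pages;

    if (vma->vm_end <= vma->vm_start || (len & (PAGE_SIZE - 1)) != 0)
        return -EINVAL;
    len_pages = len >> PAGE_SHIFT;
    if (vma->vm_pgoff > buf_pages || len_pages > buf_pages - vma->vm_pgoff)
        return -EINVAL;         /* oversized request, or an offset that wraps around */
    return fake_remap_pfn_range(out, (buf->phys >> PAGE_SHIFT) + vma->vm_pgoff, len);
}

/* 1 if any page of the mapping lies outside the buffer. */
int mapping_escapes(const struct vpu_buf *buf, const struct mapping *m)
{
    unsigned long lo = buf->phys >> PAGE_SHIFT;
    unsigned long hi = lo + (buf->size >> PAGE_SHIFT);   /* exclusive */
    unsigned long end = m->first_pfn + m->npages;

    if (m->npages == 0)
        return 0;
    if (end < m->first_pfn)                              /* wrapped range */
        return 1;
    return m->first_pfn < lo || end > hi;
}

/* 1 if the mapping covers the page holding physical address phys. */
int mapping_covers(const struct mapping *m, unsigned long phys)
{
    unsigned long pfn = phys >> PAGE_SHIFT;

    return pfn >= m->first_pfn && pfn - m->first_pfn < m->npages;
}

int main(void)
{
    struct vpu_buf buf = { 0xA0000000UL, 16 * PAGE_SIZE };   /* made-up 64 KiB buffer */
    unsigned long uaddr = 0x7f0000000000UL;                   /* arbitrary user VA */
    struct vma legit = { uaddr, uaddr + 4 * PAGE_SIZE, 2 };
    struct vma huge  = { uaddr, uaddr + 0x10000000UL, 0 };    /* 256 MiB from offset 0 */
    /* pgoff chosen so that base_pfn + pgoff wraps to the kernel's page frame */
    struct vma wrap  = { uaddr, uaddr + 0x200000UL,
                         (KERNEL_PHYS >> PAGE_SHIFT) - (buf.phys >> PAGE_SHIFT) };
    struct mapping m;
    int rc_v, rc_h;

    rc_v = vpu_mmap_vulnerable(&buf, &legit, &m);
    rc_h = vpu_mmap_hardened(&buf, &legit, &m);
    printf("legit: vuln=%d hard=%d escapes=%d\n", rc_v, rc_h, mapping_escapes(&buf, &m));
    rc_v = vpu_mmap_vulnerable(&buf, &huge, &m);
    rc_h = vpu_mmap_hardened(&buf, &huge, &m);       /* rejects; m still holds vuln result */
    printf("huge:  vuln=%d maps %lu pages escapes=%d hard=%d\n", rc_v, m.npages,
           mapping_escapes(&buf, &m), rc_h);
    rc_v = vpu_mmap_vulnerable(&buf, &wrap, &m);
    rc_h = vpu_mmap_hardened(&buf, &wrap, &m);
    printf("wrap:  vuln=%d covers_kernel=%d hard=%d\n", rc_v, mapping_covers(&m, KERNEL_PHYS), rc_h);
    return 0;
}
```

The `wrap` case is the one that matters on a device where the kernel's physical address is known: a wrapped page offset lands the mapping exactly on the kernel image, so the unchecked handler hands user space a read-write window onto kernel memory with one mmap call. Note that the hardened check also rejects a zero-length or non-page-multiple vma, and that the same `len <= size - off` pattern is the one to use in any real `.mmap` implementation.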

Full Chain: Silent Root Access

Chaining the two vulnerabilities together, the complete attack unfolds as follows:

  • A malicious media file triggers CVE-2025-54957 in the Dolby media framework remotely, without any user interaction.
  • Initial code execution then pivots to the VPU kernel driver to escalate privileges to root.
  • From root, security controls can be disabled, persistent malware installed, or sensitive data exfiltrated silently.

In a real-world scenario, the attack could be launched simply by sending a crafted media message over any channel that processes media files automatically. This makes the chain particularly dangerous for targeted surveillance operations against high-value individuals.

Patch Status and Disclosure Timeline

Google Project Zero reported the VPU driver vulnerability on November 24, 2025. Google rated it High severity and shipped a fix 71 days later in the February 2026 Android Security Update; devices that have applied that update are protected against the privilege escalation stage. The Dolby entry point, CVE-2025-54957, was addressed in the December 2025 security update. Devices with a patch level earlier than December 2025 remain exposed to the complete zero-click chain. Devices on the December 2025 or January 2026 level have lost the remote entry point but still carry the VPU driver bug, which remains reachable to any local code that can open the driver's device node, so the February 2026 update is the one that closes the chain.

Broader Implications for Android Security

Project Zero noted that the vulnerable VPU driver was developed by the same team responsible for the previously exploited BigWave driver, suggesting recurring gaps in secure coding practice and internal review. Despite improved remediation timelines, hardware driver vulnerabilities remain a persistent weak spot across the Android ecosystem.

The research underscores a fundamental tension: new hardware features introduce new attack surfaces that must be rigorously reviewed before shipping. Even a brief audit of the VPU driver was sufficient for Project Zero to identify a critical, easily exploitable flaw enabling full device takeover.

What Users and Organizations Should Do

  • Apply all pending Android security updates immediately, at minimum the February 2026 patch.
  • Organizations managing Android fleets should audit device patch levels and enforce timely update policies.
  • Security teams should monitor Android endpoints for unexplained outbound traffic and for anomalous privilege changes.
  • Hardware driver developers should adopt systematic security reviews and fuzzing programs before production deployment of any new drivers.
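As an added example of the fleet audit recommended above, not a script from the article or from Project Zero, the following POSIX shell classifies attached Android devices by their `ro.build.version.security_patch` property against the two dates the article gives. It assumes `adb` is on the PATH and the devices are authorized; the exact bulletin levels `2025-12-01` and `2026-02-01` are assumptions (the article names the months only), and the sample devices in `demo_report` are constructed so the classifier can be exercised without hardware.

```sh
#!/bin/sh
# Added example, not from the article or Project Zero: classify Android devices by
# security patch level.  Assumes adb on PATH and authorized devices; the bulletin
# levels below are assumptions derived from the months the article names.

ENTRY_FIX="2025-12-01"   # December 2025 bulletin: closes CVE-2025-54957 (remote entry)
LPE_FIX="2026-02-01"     # February 2026 bulletin: closes the VPU driver bug (root)

# patch_level_ok LEVEL MIN: exit 0 if LEVEL (YYYY-MM-DD) is at or after MIN,
# 1 if it is older, 2 if LEVEL is empty or malformed (treat as unknown).
patch_level_ok() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;
    esac
    lvl=$(printf '%s' "$1" | tr -d '-')
    min=$(printf '%s' "$2" | tr -d '-')
    [ "$lvl" -ge "$min" ]
}

# classify_device SERIAL LEVEL MODEL: print "SERIAL STATUS LEVEL MODEL".
#   OK          both fixes present
#   LPE_ONLY    remote entry closed, VPU driver bug still reachable locally
#   FULL_CHAIN  zero-click root still possible
#   UNKNOWN     property missing or malformed
classify_device() {
    patch_level_ok "$2" "$LPE_FIX" && rc=0 || rc=$?
    if [ "$rc" -eq 0 ]; then
        status=OK
    elif [ "$rc" -eq 2 ]; then
        status=UNKNOWN
    elif patch_level_ok "$2" "$ENTRY_FIX"; then
        status=LPE_ONLY
    else
        status=FULL_CHAIN
    fi
    printf '%s %s %s %s\n' "$1" "$status" "${2:-none}" "$3"
}

# audit_fleet: query every device adb lists as online (real adb calls).
audit_fleet() {
    adb devices -l | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        level=$(adb -s "$serial" shell getprop ro.build.version.security_patch | tr -d '\r\n')
        model=$(adb -s "$serial" shell getprop ro.product.model | tr -d '\r\n')
        classify_device "$serial" "$level" "$model"
    done
}

# demo_report: the classifier over constructed sample devices, no hardware needed.
demo_report() {
    classify_device P10A 2026-02-05 "Pixel 10"
    classify_device P9B  2025-12-05 "Pixel 9"
    classify_device OLD  2025-11-01 "Pixel 8"
    classify_device BAD  ""         "Pixel 7"
}

case "${1:-demo}" in
    audit) audit_fleet ;;
    *)     demo_report ;;
esac
```

Run it as `sh audit.sh audit` against real devices, or with no argument to see the constructed sample. Comparing the patch level as a date string rather than checking for a specific build is deliberate: security patch levels are monotonic, so any level at or after the fixing bulletin includes the fix, and a missing or malformed property is reported as UNKNOWN rather than silently passing.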

For users and enterprises relying on Android for sensitive communications or business operations, this research is a timely reminder that platform security is only as strong as its least-audited driver. Keeping devices current with security patches remains the single most effective mitigation available today.
