A 0-click exploit chain for the Pixel 10

TL;DR

Security researchers have demonstrated a zero-click exploit chain for Pixel 10, exploiting vulnerabilities in Dolby libraries and the VPU driver. The exploits are confirmed on unpatched devices and highlight ongoing security challenges in Android hardware.

Researchers have identified and demonstrated a zero-click exploit chain for the Google Pixel 10, leveraging vulnerabilities in Dolby libraries and the VPU driver. This chain allows attackers to gain root access without user interaction, raising security concerns for unpatched devices.

The exploit chain builds on previous work with Pixel 9, adapting the Dolby 0-click vulnerability (CVE-2025-54957) for Pixel 10. The researchers updated offsets in the Dolby library and bypassed new security measures such as RET PAC, using the dap_cpdp_init function for exploitation. The Dolby exploit remains effective on devices with firmware older than December 2025.

Additionally, the researchers discovered a significant vulnerability in the Pixel 10’s VPU driver, which manages video decoding hardware. Unlike typical Linux drivers, this driver exposes hardware registers directly to userspace without proper bounds checking. By exploiting an mmap() vulnerability, attackers can map arbitrary physical memory, including kernel memory, enabling arbitrary kernel code execution. This vulnerability was reported on November 24, 2025, rated high severity, and patched in the February 2026 Pixel security bulletin, 71 days after disclosure.
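The missing check described above belongs to a well-known class of mmap() handler bugs. The following added example is not the Pixel VPU driver's code and is not taken from the research; it models the range validation in plain C so it runs in userspace. The names `reg_window`, `map_req`, `unchecked_target` and `checked_target`, and all addresses, are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1ULL << PAGE_SHIFT)

/* Hypothetical MMIO register window (constructed values, not the Pixel VPU's). */
struct reg_window { uint64_t phys_base; uint64_t size; };

/* Caller-controlled mmap() inputs: vm_pgoff and vm_end - vm_start in kernel terms. */
struct map_req { uint64_t pgoff; uint64_t len; };

/* Unchecked pattern: the target is derived from the request alone, so any
 * offset or length is accepted and the mapping can leave the window. */
uint64_t unchecked_target(const struct reg_window *w, const struct map_req *r)
{
    return w->phys_base + (r->pgoff << PAGE_SHIFT);
}

/* Checked pattern: succeed only if [off, off + len) lies inside the window. */
bool checked_target(const struct reg_window *w, const struct map_req *r,
                    uint64_t *phys)
{
    if (r->len == 0 || (r->len & (PAGE_SIZE - 1)))
        return false;                      /* whole pages only */
    if (r->pgoff > (UINT64_MAX >> PAGE_SHIFT))
        return false;                      /* pgoff << PAGE_SHIFT would wrap */
    uint64_t off = r->pgoff << PAGE_SHIFT;
    if (off >= w->size || r->len > w->size - off)
        return false;                      /* subtraction form cannot overflow */
    *phys = w->phys_base + off;
    return true;
}

int main(void)
{
    struct reg_window w = { 0x10000000ULL, 4 * PAGE_SIZE };   /* constructed */
    struct map_req reqs[] = {
        { 0, 4 * PAGE_SIZE },      /* whole window */
        { 3, 2 * PAGE_SIZE },      /* runs past the end */
        { 16, PAGE_SIZE },         /* starts outside */
        { UINT64_MAX, PAGE_SIZE }, /* offset wraps */
    };
    for (unsigned i = 0; i < sizeof reqs / sizeof reqs[0]; i++) {
        uint64_t phys = 0;
        bool ok = checked_target(&w, &reqs[i], &phys);
        printf("pgoff=%llu len=%llu -> %s\n", (unsigned long long)reqs[i].pgoff,
               (unsigned long long)reqs[i].len, ok ? "map" : "reject (-EINVAL)");
    }
    return 0;
}
```

In a real driver the same comparison would run in the mmap handler before any physical range is remapped, with the window bounds taken from the device's resource description rather than from the request.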

Why It Matters

This discovery underscores the ongoing security challenges in Android devices, especially related to hardware drivers and multimedia libraries. The demonstrated exploit chain shows that unpatched Pixel 10 devices remain vulnerable to remote privilege escalation, which could be exploited for malicious purposes such as data theft or device control. The rapid patching process indicates improved Android security response, but the vulnerabilities highlight the need for more secure driver development and rigorous testing.

Background

In January 2026, Google patched a similar Dolby vulnerability (CVE-2025-54957) that affected Pixel 9 and earlier devices. The recent research extends this work to Pixel 10, which introduced new hardware security measures like RET PAC, complicating exploitation. The discovery of the VPU driver flaw builds on prior research into kernel vulnerabilities, emphasizing that hardware components remain a significant attack surface in modern Android devices.

“The Dolby exploit was straightforward to adapt, but the VPU driver vulnerability was a game-changer because of its simplicity and severity.”

— Researcher involved in the discovery

“We are committed to rapidly patching high-severity vulnerabilities and improving driver security, but hardware-level flaws remain a challenge.”

— Android security team representative

What Remains Unclear

It is not yet clear whether the exploit chain has been tested on all variants of Pixel 10 or if additional hardware configurations might mitigate the vulnerabilities. The full extent of the VPU driver’s impact on other devices or future Pixel models remains unknown. Further research is needed to determine if similar vulnerabilities exist in other hardware components or drivers.

What’s Next

Google is expected to release security updates addressing these vulnerabilities in the next scheduled patch cycle, likely in the February 2026 security bulletin. Researchers and security analysts will continue to monitor for potential exploits and assess the effectiveness of patches. Device manufacturers may also review other drivers for similar vulnerabilities.

Key Questions

Can these vulnerabilities be exploited remotely?

Yes, the exploit chain demonstrated allows remote privilege escalation on unpatched Pixel 10 devices without user interaction, making it a serious security concern.

Are all Pixel 10 devices vulnerable?

No, only devices running firmware older than December 2025 are confirmed vulnerable. Devices with the latest patches are protected.

Will future Pixel devices be affected?

It is uncertain; the vulnerabilities are hardware- and driver-specific. Future devices may incorporate mitigations, but ongoing research is necessary to confirm.

What should users do to protect themselves?

Users should ensure their devices are updated with the latest security patches once available and avoid untrusted sources for firmware modifications.
