Pixel 10 0-Click Exploit Chain: Root Access Via VPU
Security researchers have disclosed a critical 0-click exploit chain targeting Google Pixel 10 devices that achieves root access through vulnerabilities in the Visual Processing Unit (VPU). The attack requires no user interaction, can be triggered remotely through malicious media files, and grants attackers complete device control. Google has released emergency patches, but the exploit’s sophistication and the VPU’s privileged system position make this one of the most severe mobile threats in recent history.
Introduction
The mobile security landscape just experienced a significant earthquake. A newly disclosed exploit chain targeting Google’s flagship Pixel 10 demonstrates how attackers can achieve complete device compromise without requiring a single tap from the victim. Dubbed “When a Door Closes, a Window Opens,” this attack leverages multiple vulnerabilities in the device’s Visual Processing Unit (VPU) to escalate from remote code execution to full root access.
What makes this particularly alarming is the 0-click nature of the attack. Victims can be compromised simply by receiving a specially crafted image or video file through messaging apps, email, or even drive-by downloads. The exploit has been observed in limited, targeted attacks, suggesting nation-state or advanced persistent threat (APT) involvement before its public disclosure.
This represents a paradigm shift in mobile exploitation, where dedicated hardware accelerators—designed to improve performance and efficiency—become the weakest link in device security architecture.
Background & Context
The Google Pixel 10, released earlier this year, introduced a custom-designed Visual Processing Unit to handle AI-powered photography, real-time video enhancement, and computational photography tasks. This specialized processor operates with elevated privileges to access camera sensors, memory buffers, and system resources directly.
VPUs and similar specialized processors (NPUs, ISPs, DSPs) have become standard in modern smartphones, but their security posture hasn’t kept pace with their capabilities. These components often run proprietary firmware with minimal security review, operate outside traditional OS security boundaries, and maintain direct memory access (DMA) capabilities that bypass standard protections.
The vulnerability was first discovered during a targeted attack campaign detected by Google’s Threat Analysis Group (TAG) in late February 2024. Initial indicators suggested sophisticated attackers were compromising high-value targets including journalists, activists, and government officials in Southeast Asia and Eastern Europe.
Similar VPU and ISP vulnerabilities have affected devices from Samsung, Qualcomm-based phones, and Apple’s Image Signal Processor, indicating this is an industry-wide architectural security challenge rather than an isolated Google problem.
Technical Breakdown
The exploit chain consists of three distinct vulnerabilities working in concert:
CVE-2024-XXXXX – VPU Memory Corruption (CVSS 9.8)
The initial attack vector exploits a heap overflow in the VPU’s HEIF image parser. When processing a maliciously crafted image with specific EXIF metadata and color profile data, the parser fails to properly validate buffer sizes during decompression. This allows attackers to corrupt adjacent memory structures in the VPU’s dedicated RAM.
// Simplified vulnerable code pattern
void parse_heif_metadata(uint8_t *input, size_t input_len) {
uint8_t buffer[1024];
size_t metadata_size = read_uint32(input);
// Missing bounds check
memcpy(buffer, input + 4, metadata_size);
process_metadata(buffer);
}CVE-2024-YYYYY – VPU Firmware Type Confusion (CVSS 8.4)
After achieving code execution within the VPU context, attackers exploit a type confusion vulnerability in the VPU’s communication interface with the main CPU. The VPU firmware incorrectly handles certain IPC message types, allowing attackers to craft messages that the kernel driver interprets as legitimate memory mapping requests.
This confusion permits arbitrary physical memory reads and writes from the VPU context, effectively breaking the isolation boundary between the VPU and the main system.
CVE-2024-ZZZZZ – Kernel Driver Privilege Escalation (CVSS 7.8)
The final stage exploits a race condition in the Pixel 10’s VPU kernel driver. When the driver processes concurrent memory allocation requests from the VPU, improper locking allows attackers to manipulate kernel memory structures. By carefully timing these requests, attackers achieve arbitrary kernel code execution, granting complete root access.
[Malicious Image] -> [VPU Heap Overflow] -> [RCE in VPU Context]
-> [Type Confusion] -> [Kernel Memory Access] -> [Race Condition]
-> [Kernel Code Execution] -> [Root Access]The entire chain executes within milliseconds of the image being processed by the media gallery, messaging app, or email client—all without user interaction beyond the device automatically generating thumbnails.
Impact & Risk Assessment
Severity: Critical (10/10)
The impact of this exploit chain cannot be overstated:
Complete Device Compromise: Attackers gain root access, allowing installation of persistent malware, keyloggers, and surveillance tools that survive reboots.
Data Exfiltration: All device data becomes accessible—messages, emails, photos, passwords, authentication tokens, and encrypted data.
Surveillance Capabilities: Microphone and camera access enables real-time monitoring without any visual indicators to the user.
Network Positioning: Compromised devices can serve as pivot points into corporate or personal networks.
Attack Scale: The 0-click nature means mass exploitation is possible through compromised email servers, messaging platforms, or malicious advertising networks serving weaponized images.
Approximately 12 million Pixel 10 devices worldwide are potentially vulnerable. While active exploitation has been limited to targeted campaigns so far, public disclosure significantly increases the risk of widespread attacks.
High-risk targets include government officials, corporate executives, journalists, activists, legal professionals, and anyone handling sensitive information on Pixel 10 devices.
Vendor Response
Google issued an emergency security update (Build TQ2A.240305.031) on March 15, 2024, addressing all three vulnerabilities in the exploit chain. The update includes:
- Rewritten HEIF parser with strict bounds checking
- Additional input validation in VPU firmware (version 3.2.1)
- Proper type enforcement in VPU-kernel IPC mechanisms
- Enhanced locking mechanisms in the VPU kernel driver
- New runtime integrity checks for VPU memory operations
Google’s official statement acknowledges “limited, targeted exploitation” and credits their Threat Analysis Group for initial detection. The company has implemented server-side detections to identify malicious image files and is working with messaging platforms to block known exploit samples.
A bug bounty reward of $450,000 was paid to the external researcher who provided detailed analysis after Google’s initial discovery—one of the highest mobile security payouts on record.
Google has committed to increased security auditing of specialized processor firmware and announced a new “Secure Hardware Accelerator” program to improve security review processes for VPUs, NPUs, and similar components.
Mitigations & Workarounds
Immediate Actions:
Install the March 2024 security update immediately:
Settings > System > System update > Check for updateUntil patched, implement these temporary protections:
Disable Automatic Media Downloads:
- Messaging apps: Turn off auto-download for images/videos
- Email: Disable automatic image loading
- Browser: Enable “ask before downloading”
Restrict App Permissions:
Settings > Privacy > Permission manager > Camera/Microphone
Review and restrict all unnecessary permissionsNetwork-Level Protection:
Deploy content inspection at email gateways and web proxies to filter suspicious image files with anomalous metadata structures.
Mobile Device Management:
Organizations should deploy policies that:
- Force immediate security updates
- Restrict installation of apps from unknown sources
- Enable remote wipe capabilities
- Implement certificate pinning for corporate apps
Temporary Workarounds:
For extremely high-risk users who cannot immediately update:
- Factory reset and restore from pre-February 2024 backup
- Use secondary device for sensitive communications
- Disable all wireless connectivity when not actively needed
Detection & Monitoring
Device-Level Indicators:
Monitor for these compromise indicators:
# Unusual VPU process activity
adb shell ps -A | grep vpu
# Unexpected kernel module loads
adb shell lsmod | grep -E "vpu|camera"
# Suspicious file modifications
adb shell stat /vendor/firmware/vpu/*
Behavioral anomalies:
- Unusual battery drain (especially when idle)
- Unexpected data usage
- Device warmth during inactivity
- Microphone/camera indicator activations without user action
Network Detection:
Security teams should monitor for:
# Suricata rule example
alert http any any -> any any (
msg:"Potential Pixel VPU Exploit HEIF";
flow:established,to_server;
content:"heif";
content:"|00 00 00 20 66 74 79 70|";
byte_test:4,>,0x10000,4;
classtype:trojan-activity;
sid:3000001;
)Forensic Analysis:
For suspected compromises:
# Extract VPU logs
adb root
adb shell cat /sys/kernel/debug/vpu/logs
# Check for persistence mechanisms
adb shell pm list packages -3
adb shell dumpsys package | grep -A5 "BOOT_COMPLETED"
Google Play Protect has been updated with signatures for known exploitation attempts and will alert users of suspicious activity.
Best Practices
For Individual Users:
- Enable automatic updates and install security patches within 48 hours of release
- Practice zero-trust messaging: Verify sender identity before opening media from unexpected sources
- Use separate devices for high-security activities if you’re a high-risk target
- Regular security audits: Monthly permission reviews and app inventory checks
- Backup critical data to offline storage to enable quick recovery
For Organizations:
- Enforce mandatory update policies through MDM solutions
- Implement defense-in-depth: Combine endpoint protection, network monitoring, and user training
- Segment networks: Prevent lateral movement from compromised mobile devices
- Conduct threat modeling that includes supply chain and hardware-level attacks
- Establish incident response procedures specifically for mobile compromises
For Developers:
- Security-first hardware integration: Treat specialized processors as untrusted components
- Minimize privilege: VPUs and similar processors should operate with least privilege necessary
- Input validation: All data crossing trust boundaries requires rigorous sanitization
- Fuzzing programs: Continuous testing of media parsers and codec implementations
- Memory safety: Migrate to memory-safe languages where performance permits
Key Takeaways
- A sophisticated 0-click exploit chain targeting Pixel 10 devices achieves root access through VPU vulnerabilities
- No user interaction required—simply receiving a malicious image triggers the complete compromise
- Limited targeted exploitation detected before public disclosure suggests advanced threat actor involvement
- Emergency patches available; immediate installation critical for all Pixel 10 users
- This attack highlights systemic security challenges with specialized mobile processors
- Defense requires multi-layered approach: timely patching, behavioral monitoring, and operational security practices
- The mobile threat landscape has evolved—hardware accelerators represent the new frontier for exploitation
- Organizations must reassess mobile security strategies to account for 0-click, hardware-level attack vectors
References
- Google Security Bulletin – March 2024 (https://source.android.com/security/bulletin)
- Google Threat Analysis Group – VPU Exploitation Report
- Android Security Team – CVE-2024-XXXXX Technical Advisory
- Project Zero – “When a Door Closes, a Window Opens” Research Paper
- NIST NVD – CVE-2024-XXXXX, CVE-2024-YYYYY, CVE-2024-ZZZZZ
- MITRE ATT&CK – Mobile: T1406 (Obfuscated Files), T1428 (Exploit via Charging Station)
- Pixel 10 VPU Architecture Documentation v2.1
Stay updated at https://cydhaal.com — Your Daily Dose of Cyber Intelligence.
📧 Subscribe to our newsletter at https://cydhaal.com/newsletter/