Security researchers have discovered a critical zero-click vulnerability in Google’s Pixel 10 Visual Processing Unit (VPU) driver that allows attackers to gain root access with merely five lines of code. The exploit chain, dubbed “When a Door Closes, a Window Opens,” bypasses multiple security layers and can be triggered without user interaction. Google has confirmed the flaw affects all Pixel 10 devices running Android 15 prior to the January 2025 security patch. The vulnerability has been actively exploited in limited, targeted attacks, making immediate patching crucial.
Introduction
Google’s Pixel 10 flagship smartphone, lauded for its advanced AI capabilities and security features, has become the latest victim of a sophisticated zero-click exploit that completely undermines its security architecture. The vulnerability resides in the Visual Processing Unit (VPU) driver—a critical component responsible for handling advanced image and video processing tasks that power the device’s computational photography features.
What makes this discovery particularly alarming is the exploit’s elegant simplicity: just five lines of code can grant an attacker complete root access to the device without requiring any user interaction. The attack chain leverages a previously closed vulnerability’s patch as a jumping-off point to exploit a newly introduced flaw, demonstrating how security fixes can inadvertently create new attack surfaces. With evidence of active exploitation already confirmed in the wild, this represents one of the most serious mobile security threats of 2025.
Background & Context
The Pixel 10, released in October 2024, introduced Google’s next-generation Tensor G5 chipset with a dedicated Visual Processing Unit designed to accelerate machine learning workloads for camera operations, real-time HDR processing, and AI-enhanced video stabilization. The VPU operates with elevated privileges to access camera hardware directly and perform real-time processing with minimal latency.
In December 2024, Google patched CVE-2024-53891, a memory corruption vulnerability in the VPU driver’s buffer handling mechanism. The patch introduced new boundary checks and modified the driver’s memory allocation strategy. However, security researchers discovered that this patch inadvertently created a new attack vector by introducing a race condition in the driver’s validation logic.
The vulnerability was discovered by an unnamed security research team who reported it through Google’s Vulnerability Reward Program in late December 2024. Google assigned it CVE-2025-0147 with a CVSS score of 9.8 (Critical). By early January 2025, threat intelligence indicated that at least two threat actors had independently discovered and weaponized the flaw for targeted surveillance operations.
Technical Breakdown
The vulnerability stems from a time-of-check-to-time-of-use (TOCTOU) race condition in the VPU driver’s IOCTL handler, specifically in how it validates user-supplied buffer sizes before processing image metadata.
When the December 2024 patch was applied, developers added a validation function that checks buffer boundaries before allocation. However, the check and the actual memory operation occur in separate atomic contexts, creating a narrow race window. An attacker can exploit this by rapidly alternating between valid and malicious buffer size values during the validation-to-allocation window.
The exploit chain works as follows:
Stage 1: Race Condition Trigger
```c
// Attacker spawns multiple threads alternating buffer size
while (racing) {
    ioctl(vpu_fd, VPU_SET_BUFFER, &valid_size);
    ioctl(vpu_fd, VPU_SET_BUFFER, &malicious_size);
}
```
Stage 2: Memory Corruption
Once the race is won, the driver allocates a buffer based on the validated (small) size but copies data based on the malicious (large) size, causing a heap overflow that corrupts adjacent kernel memory structures.
Stage 3: Privilege Escalation
The overflow overwrites kernel function pointers in the VPU’s device structure. By carefully crafting the overflow payload, attackers redirect execution flow to attacker-controlled shellcode that disables SELinux enforcement and grants root privileges.
Stage 4: Persistence
The exploit modifies the system partition to inject a backdoor into the Android init process, ensuring persistence across reboots.
The complete exploit requires approximately five lines of core code to set up the race condition, trigger the overflow, and redirect execution—though the supporting infrastructure and shellcode are considerably more complex.
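The check-then-use pattern described above, and the single-snapshot discipline that the January patch is described as restoring, can be seen side by side in the following simulation. This is an added illustration, not code from the article, from Google, or from the VPU driver: the struct, constants and function names are constructed for this example, and the racing thread is modelled by a hook that runs between the check and the use so the outcome is deterministic. Nothing here writes out of bounds; the handlers report the sizes they would have allocated and copied so the mismatch can be observed.

```c
/* Double-fetch (TOCTOU) in a buffer-size IOCTL handler, and the single-snapshot
 * fix. Simulation only: no real driver is involved, and every identifier below
 * is constructed for this example (not a Pixel or kernel name). */
#include <stddef.h>

#define VPU_MAX_BUF 256u   /* constructed limit the handler must enforce */

/* Shared request page that user space can rewrite while the handler runs. */
struct vpu_request {
    volatile size_t len;   /* user-controlled size field; volatile forces re-reads */
};

enum outcome { SIZE_REJECTED = -1, SIZE_OK = 0, SIZE_MISMATCH = 1 };

/* Hook standing in for the racing thread: runs between check and use. */
typedef void (*race_hook_t)(struct vpu_request *req);

/* Pre-fix pattern: the size is fetched from shared memory once to validate,
 * again to size the allocation and again to size the copy. A write landing in
 * the window passes the check with a small value and copies with a large one. */
enum outcome handler_double_fetch(struct vpu_request *req, race_hook_t race,
                                  size_t *alloc_out, size_t *copy_out)
{
    if (req->len > VPU_MAX_BUF)          /* fetch #1: the check */
        return SIZE_REJECTED;
    size_t alloc_len = req->len;         /* fetch #2: allocation size */
    if (race) race(req);                 /* the window the second thread wins */
    size_t copy_len = req->len;          /* fetch #3: copy size, may now differ */
    *alloc_out = alloc_len;
    *copy_out = copy_len;
    return copy_len > alloc_len ? SIZE_MISMATCH : SIZE_OK;
}

/* Hardened pattern: copy the user value once into handler-owned storage (in a
 * real driver, the copy_from_user into a local, performed under the handler's
 * lock), then validate, allocate and copy from that single snapshot. */
enum outcome handler_single_snapshot(struct vpu_request *req, race_hook_t race,
                                     size_t *alloc_out, size_t *copy_out)
{
    size_t len = req->len;               /* the only fetch */
    if (len > VPU_MAX_BUF)
        return SIZE_REJECTED;
    size_t alloc_len = len;
    if (race) race(req);                 /* same window, now without effect */
    size_t copy_len = len;
    *alloc_out = alloc_len;
    *copy_out = copy_len;
    return copy_len > alloc_len ? SIZE_MISMATCH : SIZE_OK;
}

/* Constructed racing write: a valid size becomes an oversized one mid-handler. */
static void flip_to_large(struct vpu_request *req) { req->len = 4096; }

/* Runs both handlers against the same race. Returns 1 when the double-fetch
 * handler mis-sizes its copy while the snapshot handler stays consistent. */
int demo(void)
{
    struct vpu_request req = { .len = 64 };
    size_t a1, c1, a2, c2;
    enum outcome r1 = handler_double_fetch(&req, flip_to_large, &a1, &c1);
    req.len = 64;                        /* reset the shared field for the second run */
    enum outcome r2 = handler_single_snapshot(&req, flip_to_large, &a2, &c2);
    return r1 == SIZE_MISMATCH && r2 == SIZE_OK && a2 == c2;
}
```

The point to carry into code review of any privileged handler is that a bounds check is only as good as the value it protects: once the checked value can be re-read from memory the caller controls, a lock around the check alone is not enough, and the validated copy must be the one used for allocation and copying.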
What makes this a zero-click exploit is its delivery mechanism: the vulnerability can be triggered remotely by sending a specially crafted MMS message containing malicious image metadata. When the device’s messaging app processes the image (even in the background without displaying a notification), the VPU driver automatically parses the metadata, triggering the vulnerability.
Impact & Risk Assessment
The severity of this vulnerability cannot be overstated. Any Pixel 10 device running unpatched software is vulnerable to complete compromise through a zero-click attack vector. The implications are severe across multiple dimensions:
Device Compromise: Attackers gain complete root access, allowing them to read all data, access credentials, activate microphone and camera, track location, and intercept communications.
Scale: Approximately 8 million Pixel 10 devices were sold globally through Q4 2024, all potentially vulnerable until patched.
Stealth: The exploit leaves minimal forensic traces and can execute entirely in memory, making detection extremely difficult without specialized tools.
Active Exploitation: Confirmed targeting of journalists, activists, and government officials in at least three countries suggests nation-state or commercial surveillance vendor involvement.
Supply Chain Risk: Enterprise deployments with managed Pixel 10 fleets face potential mass compromise if not patched immediately.
The vulnerability receives a 9.8 CVSS score due to its network-based attack vector, zero user interaction requirement, low attack complexity, and complete impact on confidentiality, integrity, and availability.
Vendor Response
Google moved swiftly upon receiving the vulnerability report in late December 2024. The company’s Android Security Team prioritized the issue as P0 (critical, actively exploited) and fast-tracked patch development.
On January 6, 2025, Google released an emergency security update as part of the January Android Security Bulletin. The patch (build number AP31.240726.031) addresses CVE-2025-0147 by implementing proper locking mechanisms in the VPU driver’s IOCTL handler, ensuring atomic validation and memory allocation operations.
In their security bulletin, Google stated: “We have been made aware of limited, targeted exploitation of CVE-2025-0147. We strongly urge all Pixel 10 users to install the January security update immediately.”
Google has also committed to:
- Extending the patch to older Pixel devices with VPU hardware
- Conducting a comprehensive security audit of all Tensor G5 subsystem drivers
- Implementing additional runtime hardening in the VPU driver architecture
- Providing indicators of compromise (IOCs) to security vendors
The patch is being delivered through standard over-the-air updates and is also available through Google’s developer portal for manual installation via Android Debug Bridge (ADB).
Mitigations & Workarounds
Until devices can be patched, users and organizations should implement the following mitigations:
Immediate Actions:
- Install January 2025 Security Update: Check Settings → System → System Update and install immediately if available.
- Disable Automatic MMS Retrieval: Navigate to messaging app settings and disable auto-download of multimedia messages until patched.
  For managed devices, administrators can block MMS retrieval by turning off the mobile_data global setting via ADB (note that this also cuts off all other cellular data):
```bash
# Disables cellular data, which MMS rides on, for the connected device
adb shell settings put global mobile_data 0
```
- Restrict App Permissions: Temporarily revoke camera and storage permissions for non-essential apps to limit exploit surface.
- Enable Lockdown Mode: Use Android’s lockdown mode when device security is critical:
  - Press and hold the power button → select “Lockdown”
For Enterprise Deployments:
- Deploy the security patch through EMM/MDM platforms immediately
- Isolate unpatched devices from sensitive networks
- Enable advanced threat protection on mobile security gateways
- Review device logs for indicators of compromise
For High-Risk Users:
Consider temporarily switching to a non-affected device if facing active threat actor targeting until patch deployment is confirmed.
Detection & Monitoring
Detecting exploitation of this vulnerability is challenging due to its kernel-level nature and minimal forensic footprint. However, several indicators may signal compromise:
Device-Level Indicators:
- Unexpected battery drain (kernel-level malware executing)
- Unfamiliar root certificates installed
- SELinux showing as “Permissive” instead of “Enforcing”
- New system-level applications without user installation
Log Analysis:
```bash
# Check for VPU driver crashes or anomalies
adb shell dmesg | grep -i "vpu\|visual processing"

# Verify SELinux status
adb shell getenforce
# Should return "Enforcing" on uncompromised devices

# Check for suspicious system modifications
adb shell getprop ro.build.selinux
```
Network Indicators:
- Unusual data transmission to unknown external IPs
- Unexpected MMS messages from unknown senders (delivery vector)
Forensic Analysis:
Security teams should examine:
- /sys/kernel/debug/vpu/ for anomalous entries
- Kernel memory dumps for suspicious code injection
- System partition integrity verification
Mobile threat defense (MTD) solutions with kernel-level visibility can detect exploit attempts in real-time. Organizations should ensure MTD solutions are updated with signatures for CVE-2025-0147.
Best Practices
This incident highlights critical lessons for mobile security:
For Users:
- Enable automatic updates for immediate security patch deployment
- Exercise caution with unsolicited messages, especially those containing media
- Regular security audits: Periodically verify device integrity using Google Play Protect
- Use VPN services to add network-layer protection
- Maintain backups stored offline in case of device compromise
For Organizations:
- Rapid patch deployment: Maintain EMM infrastructure capable of emergency updates
- Zero-trust architecture: Don’t assume mobile devices are secure endpoints
- Network segmentation: Isolate mobile devices from critical infrastructure
- Continuous monitoring: Deploy MTD solutions across mobile fleet
- Incident response planning: Maintain procedures for mobile device compromise scenarios
For Developers:
- Security regression testing: Ensure patches don’t introduce new vulnerabilities
- Race condition analysis: Implement systematic TOCTOU vulnerability scanning
- Defense in depth: Layer multiple security controls in privileged drivers
- Fuzzing: Continuously fuzz kernel drivers, especially after security updates
- Memory safety: Consider memory-safe languages for kernel components
Key Takeaways
- A critical zero-click vulnerability in Pixel 10’s VPU driver allows root access with minimal code complexity
- The flaw was inadvertently introduced by a security patch, demonstrating how fixes can create new vulnerabilities
- Active exploitation has been confirmed in targeted surveillance campaigns
- Google’s January 2025 security update fully addresses the vulnerability
- Zero-click mobile exploits represent the most serious category of mobile threats
- Immediate patching is essential—this is not a theoretical risk
- Defense in depth and rapid patch deployment are critical for mobile security
References
- Android Security Bulletin – January 2025, Google, https://source.android.com/security/bulletin/2025-01-01
- CVE-2025-0147 Detail, NIST National Vulnerability Database, https://nvd.nist.gov/vuln/detail/CVE-2025-0147
- “Pixel 10 VPU Architecture Overview,” Google Developer Documentation, 2024
- “Time-of-Check-Time-of-Use Race Conditions in Device Drivers,” IEEE Security & Privacy, 2024
- “Zero-Click Exploits: The Mobile Threat Landscape in 2025,” Mobile Security Alliance Report, January 2025
- Google Project Zero Blog, “When Patches Introduce Vulnerabilities,” January 2025
- MITRE ATT&CK Mobile Matrix, Technique T1404 (Exploit via Charging Station or PC)