THREAT OPS › Threat News › A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
<p>While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our experience finding, reporting and exploiting these vulnerabilities highlighted some broader issues in the Android ecosystem. This post describes the problems we encountered and recommendations for improvement.</p>
<h2 id="audio-attack-surfa
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2025-54957cve
- CVE-2025-36934cve
- https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.htmlurl
- https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.htmlurl
- https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.htmlurl
- https://android.googlesource.com/platform/frameworks/av/+/22c571b/services/mediacodec/minijail/seccomp_policy/mediacodec-seccomp-arm.policyurl
- https://googleprojectzero.blogspot.com/2025/11/defeating-kaslr-by-doing-nothing-at-all.htmlurl
- https://clang.llvm.org/docs/BoundsSafety.htmlurl
- https://googleprojectzero.blogspot.com/2023/11/first-handset-with-mte-on-market.htmlurl
- https://googleprojectzero.blogspot.com/p/vulnerability-disclosure-policy.htmlurl
- https://professional.dolby.com/siteassets/pdfs/dolby-security-advisory-CVE-2025-54957-Oct-14-25.pdfurl
- https://source.android.com/docs/security/overview/updates-resources#rating_modifiersurl
- https://android-developers.googleblog.com/2019/05/queue-hardening-enhancements.htmlurl
- https://source.android.com/docs/core/ota/apexurl
Original source: https://projectzero.google/2026/01/pixel-0-click-part-3.html