appsec.fyi · Sources

projectzero.google

6 curated AppSec resources from projectzero.google across 5 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-06-08.

Date Added | Year | Resource | Topics | Excerpt
2026-06-08 | 2026 | Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529 | Fuzzing, RCE | This post details the exploitation of CVE-2024-54529, a type confusion vulnerability discovered in macOS's coreaudiod system daemon through knowledge-driven fuzzing. Following a previous discussion of the vulnerability discovery process, this article focuses on the technical steps involved in exploiting the type confusion flaw, building on the initial research that also uncovered a double-free vulnerability (CVE-2025-31235).
2026-06-08 | 2026 | Bypassing Administrator Protection by Abusing UI Access | AuthZ, Bug Bounty | A researcher discovered nine ways to bypass Windows' new Administrator Protection feature, which aims to secure User Account Control (UAC). Five of these bypasses exploited the UI Access implementation, which had been a persistent weak point of UAC. All identified vulnerabilities have since been fixed.
2026-06-08 | 2026 | A Deep Dive into the GetProcessHandleFromHwnd API | AuthZ, Bug Bounty | The author explores the `GetProcessHandleFromHwnd` API, discovered through a UAC bypass vulnerability in Quick Assist UI Access. This post delves into the API's functionality and security implications, beginning with an examination of its documentation to understand its history and security characteristics. The analysis aims to shed light on this lesser-known API and its potential uses.
2026-06-08 | 2026 | On the Effectiveness of Mutational Grammar Fuzzing | Fuzzing | Mutational grammar fuzzing preserves sample structure by using predefined grammars to guide mutations, so the resulting samples always conform to the grammar rules. Coverage-guided versions save mutated samples that uncover new code paths, ensuring effective exploration of program states. This technique aims to produce more valid and structurally sound test cases for fuzzing.
2026-06-08 | 2026 | A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens | Mobile, RCE | Researchers developed a zero-click exploit chain for the Google Pixel 9, achieving root access with just two exploits. They then aimed to replicate this for the Pixel 10. Their initial exploit targeted a cross-Android Dolby vulnerability (CVE-2025-54957), patched in January 2026. Adapting this exploit for the Pixel 10 proved to be a relatively simple modification. The summary does not mention any bug bounty payout amounts.
2026-01-15 | 2026 | A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby - Project Zero | Mobile | Library detailing a 0-click exploit chain targeting the Pixel 9, focusing on vulnerabilities within the Dolby Unified Decoder. This analysis delves into CVE-2025-54957, an integer overflow in the EMDF payload processing, and CVE-2025-36934, a driver vulnerability, explaining how these lead to arbitrary code execution in the mediacodec context and privilege escalation to the kernel. The research highlights the increased attack surface introduced by AI-driven audio transcription features in mobile devices.