Primary

Context

Google Pixel Elevation of Privilege Vulnerability in Modem Component

Vulnerability

A heap buffer overflow vulnerability has been identified in the NrmmDecoder::DecodeSORTransparentContext function within cn_NrmmDecoder.cpp. This flaw allows for a possible out-of-bounds write, which could lead to remote (proximal/adjacent) elevation of privilege. Exploitation of this vulnerability does not require any additional execution privileges or user interaction.

Impact

Exploitation of this vulnerability could result in unauthorized elevation of privilege, allowing a user to gain increased rights or access within the system.

Remediation

Users can update their devices to the December 2025 security patch level to address this vulnerability.

Added: Dec 11, 2025, 8:25 PM

Updated: Dec 11, 2025, 9:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.9

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.9

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google Pixel Elevation of Privilege Vulnerability in Modem Component

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating