CVE-2025-36901
Google · Google Multiple Products
A high-severity vulnerability has been identified in the Wireless LAN (WLAN) component of Google Pixel devices.
Executive summary
A high-severity vulnerability has been identified in the Wireless LAN (WLAN) component of Google Pixel devices. This flaw could allow a nearby attacker to gain elevated privileges on a vulnerable device, potentially leading to a full system compromise, data theft, and installation of malicious software. Organizations must prioritize the immediate application of security patches to all affected corporate and employee-owned Pixel devices to mitigate this significant risk.
Vulnerability
This is an elevation-of-privilege vulnerability in the WLAN subsystem of affected Google Pixel devices. An attacker within local Wi-Fi range could exploit the flaw by sending specially crafted wireless packets to a target device. Successful exploitation requires no user interaction and could allow the attacker to execute arbitrary code with elevated system permissions, bypassing standard Android sandboxing and security controls.
Business impact
This vulnerability is rated as High severity with a CVSS score of 8.8. Exploitation could have a significant business impact, leading to the compromise of sensitive corporate data stored on or accessed by the affected Pixel device, including emails, documents, and credentials. An attacker gaining system-level access could install persistent malware or spyware, monitor all user activity, and use the compromised device as a pivot point to launch further attacks against the organization's internal network. The potential consequences include data breaches, financial loss, reputational damage, and regulatory penalties.
Remediation
Immediate Action: Apply the vendor-provided security updates immediately. All Google Pixel devices should be updated to the Android Security Patch Level of 2025-09-05 or later. Following the update, monitor devices for any signs of compromise and review relevant system and network access logs for suspicious activity.
Proactive Monitoring: Security teams should monitor for anomalous behavior on managed Pixel devices. This includes observing for unexpected crashes or restarts of the WLAN service, unusual network traffic patterns originating from the devices, unauthorized connections to command-and-control servers, and the presence of any unrecognized applications or processes.
Compensating Controls: If immediate patching is not feasible, implement the following controls to reduce the risk of exploitation:
- Advise users to disable Wi-Fi in untrusted environments (e.g., public hotspots).
- Enforce the use of a corporate VPN to encrypt all network traffic from the device.
- Utilize Mobile Device Management (MDM) solutions to restrict device configurations and monitor for signs of non-compliance or compromise.
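As an added example that is not part of this advisory, the following POSIX shell helper checks the security patch level reported by attached Pixel devices against the 2025-09-05 level named above, so administrators can confirm the update actually landed. It assumes adb is installed and that the devices are authorized for debugging under the organization's MDM policy; the property name ro.build.version.security_patch is the standard Android build property.

```shell
#!/bin/sh
# Added example (not from the advisory): verify Android security patch level.
# Assumes: adb on PATH, devices authorized for debugging.

REQUIRED_PATCH="2025-09-05"   # patch level named in the advisory

# patch_is_current LEVEL [REQUIRED]
# Returns 0 if LEVEL (YYYY-MM-DD) is at or after REQUIRED (default above),
# 1 if it is older, 2 if LEVEL is empty or not a well-formed date.
patch_is_current() {
    level="$1"
    required="${2:-$REQUIRED_PATCH}"
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;   # malformed or missing property value
    esac
    # ISO dates become monotonically ordered integers once dashes are removed.
    lvl_num=$(printf '%s' "$level" | tr -d '-')
    req_num=$(printf '%s' "$required" | tr -d '-')
    [ "$lvl_num" -ge "$req_num" ]
}

# Query every attached, authorized device and print one verdict line per serial:
#   <serial>\t<model>\t<patched|VULNERABLE|UNKNOWN>\t<reported level>
audit_attached_devices() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        model=$(adb -s "$serial" shell getprop ro.product.model | tr -d '\r')
        level=$(adb -s "$serial" shell getprop ro.build.version.security_patch | tr -d '\r')
        if patch_is_current "$level"; then
            verdict="patched"
        elif [ $? -eq 2 ]; then
            verdict="UNKNOWN"
        else
            verdict="VULNERABLE"
        fi
        printf '%s\t%s\t%s\t%s\n' "$serial" "${model:-?}" "$verdict" "${level:-none}"
    done
}

# Only talk to adb when explicitly asked, so the helper can be sourced safely.
if [ "${1:-}" = "--audit" ]; then
    audit_attached_devices
fi
```

Run with `--audit` to print a per-device table; any line marked VULNERABLE or UNKNOWN needs the September 2025 update or manual follow-up.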
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high CVSS score of 8.8, this vulnerability presents a critical risk to the organization. Although it is not currently listed on the CISA KEV catalog, its severity warrants immediate and prioritized action. We strongly recommend that all system administrators ensure the deployment of the September 2025 Android security update to all managed Google Pixel devices without delay. Organizations should also track threat intelligence sources for any change in the exploitation status of this vulnerability.