Particle.news
Download on the App Store

Google Pixel Phones Contain Security Vulnerability from Preinstalled App

Millions of Pixel devices are at risk due to a third-party app with deep system access, prompting urgent security measures.

Overview

  • The vulnerability stems from Showcase.apk, a demo app used in Verizon stores, present in Pixel phones since 2017.
  • Showcase.apk runs at the system level, allowing potential remote code execution and malware installation.
  • Google plans to remove the app in an upcoming software update, though no active exploitation has been reported.
  • Palantir Technologies has stopped issuing Android devices to employees due to the security risk.
  • The app communicates over unsecured HTTP, making it susceptible to man-in-the-middle attacks.