Google Pixel series phones have been exposed to security vulnerabilities: they can remotely execute code and install malware

Thanks to netizen New Soft Media Friend 1933769 for submitting clues! According to news on August 16, technology blog iVerify published a blog post yesterday (August 15), reporting that Google Pixel series phones have security vulnerabilities that, if exploited by attackers, can remotely execute code, install malware, and more. Summary of the Vulnerability The vulnerability is rooted in a third-party Android software package called Showcase.apk, developed by Smith Micro to help Verizon set phones in stores into retail demo mode. Citing the media report, the app is not only able to remotely execute code and install software, but also download configuration files through unencrypted HTTP network connections, meaning hackers can exploit this vulnerability to hijack Pixel devices. Verizon no longer uses Showcase, but the APK is still included in the Android version of Google Pixel smartphones. Scope of Impact Google has pre-installed the application on several previous Pixel phones, but the latest Pixel 9 series phones have removed the application and are therefore not affected. Fix Google disclosed the vulnerability in May this year and has not yet fixed it, but Google said it plans to remove the app through an update.

iVerify believes that the Showcase app may also be embedded on other Android devices. Google said it was notifying other Android manufacturers as a precaution.

The above is the detailed content of Google Pixel series phones have been exposed to security vulnerabilities: they can remotely execute code and install malware. For more information, please follow other related articles on the PHP Chinese website!