The Showcase.apk vulnerability, present in all Pixel Android releases since 2017, poses severe risks like remote code execution, potentially allowing complete device takeover.
Even riskier, the application is designed to download a configuration file over an unencrypted HTTP web connection that iVerify researchers say could be hijacked by an attacker to take control of the application and then the entire victim device.
Google stated that Showcase is no longer being used by Verizon and promised to remove it in upcoming software updates, despite having not seen any signs of active exploitation.
[
Collection
]
[
|
...
]