iVerify discovered an Android package, "Showcase.apk," with excessive system privileges, including remote code execution and remote package installation capabilities, on a very large percentage of Pixel devices shipped worldwide since September 2017.
It’s still a question of why an app with elevated permissions was packaged in the firmware, but yeah it doesn’t look like the exploit itself is easy to do.
It’s still a question of why an app with elevated permissions was packaged in the firmware, but yeah it doesn’t look like the exploit itself is easy to do.