Remote Code Execution Vulnerability in BlackBerry UEM Management Console
CVE-2021-22153

7.3HIGH

Key Information:

Vendor: Blackberry
Status: Unified Endpoint Management
Vendor: CVE Published:; 13 May 2021

What is CVE-2021-22153?

A vulnerability in the Management Console of BlackBerry UEM could allow attackers to execute arbitrary commands on the victim's local machine. This issue arises in specific versions of the product, enabling potential exploitation through the spreadsheet application, where an unauthorized user could gain control with the privileges of the legitimate user. It is essential for organizations using affected versions to apply security updates promptly to mitigate risks.

References

https://support.blackberry.com/kb/articleDetail?articleNu...

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2021
Vulnerability Reserved
Jan 4, 2021

Blackberry

What is CVE-2021-22153?

References

CVSS V3.1

Timeline