Remote Code Execution Vulnerability in BlackBerry QNX SDP
CVE-2021-32024

9.8CRITICAL

Key Information:

Vendor: Blackberry
Status: Blackberry Qnx Software Development Platform (sdp)
Vendor: CVE Published:; 13 December 2021

What is CVE-2021-32024?

A vulnerability exists in the BMP image codec of BlackBerry QNX SDP versions 6.4 through 7.1 that allows remote code execution. An attacker could exploit this flaw to run arbitrary code within the context of the affected process, posing significant risks to system integrity and security. This vulnerability highlights critical areas needing attention in image processing components within QNX SDP.

Affected Version(s)

BlackBerry QNX Software Development Platform (SDP) QNX SDP 6.4 to 7.1

References

http://support.blackberry.com/kb/articleDetail?articleNum...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2021
Vulnerability Reserved
May 3, 2021

Blackberry

What is CVE-2021-32024?

Affected Version(s)

References

CVSS V3.1

Timeline