Vulnerability in Networking Stack Impacts QNX Software Development Platform (SDP)
CVE-2023-32701

7.1HIGH

Key Information:

Vendor: Blackberry
Status: Qnx Software Development Platform
Vendor: CVE Published:; 14 November 2023

What is CVE-2023-32701?

An improper input validation vulnerability in the networking stack of QNX SDP versions 6.6, 7.0, and 7.1 may expose systems to risks of information disclosure or potential denial-of-service attacks. This flaw could allow attackers to manipulate input, leading to unintended consequences and system instability. Organizations using affected QNX SDP versions should prioritize reviewing their security posture and apply necessary updates.

Affected Version(s)

QNX Software Development Platform 6.6, 7.0, and 7.1

References

https://support.blackberry.com/kb/articleDetail?articleNu...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
May 11, 2023

Blackberry

What is CVE-2023-32701?

Affected Version(s)

References

CVSS V3.1

Timeline