CVE-2021-32024
CVE-2021-32024
In short
A flaw in BlackBerry QNX's image processor allows attackers to run malicious code on a system by sending a specially crafted BMP image file. This is critical because it can give attackers complete control over the affected device.
Technical detail
A remote code execution vulnerability exists in the BMP image codec of BlackBerry QNX SDP 6.4–7.1, exploitable via a crafted BMP image file without authentication or user interaction required. The vulnerability allows arbitrary code execution within the codec's process context, potentially compromising system integrity and confidentiality.
Summary generated and translated by AI from the official description.
A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
BlackBerry · QNX Software Development Platform (SDP)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →