CVE-2021-32022

EUVD-2021-18889
A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system and gaining the ability to delete data from the local system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
blackberryprotect
𝑥
≤ 1574
𝑥
= Vulnerable software versions
References
https://support.blackberry.com/kb/articleDetail?articleNumber=000088685
https://support.blackberry.com/kb/articleDetail?articleNumber=000088685