CVE-2021-32024

A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
blackberryCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
blackberryqnx_software_development_platform
6.4.0 ≤
𝑥
≤ 7.1
𝑥
= Vulnerable software versions
References
http://support.blackberry.com/kb/articleDetail?articleNumber=000089042
http://support.blackberry.com/kb/articleDetail?articleNumber=000089042