CVE-2021-32024
CRITICALBlackBerry QNX SDP 6.4.0-7.1 - Remote Code Execution via BMP Image Codec
Title source: llmDescription
A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
http://support.blackberry.com/kb/articleDetail?articleNumber=000089042
Scores
CVSS v3
9.8
EPSS
0.0179
EPSS Percentile
75.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-1287
Status
published
Products (1)
blackberry/qnx_software_development_platform
6.4.0 - 7.1
Published
Dec 13, 2021
Tracked Since
Feb 18, 2026