What is CVE-2014-2533?

CVE-2014-2533 is a vulnerability in Blackberry Qnx_neutrino_rtos, classified under CWE-264. Published 2014-03-18.

Is CVE-2014-2533 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Blackberry Qnx_neutrino_rtos

CVE-2014-2533

/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.

EPSS: 0.262 (96.4th percentile) — read the EPSS interpretation.

Affected products

Blackberry Qnx_neutrino_rtos — versions 6.4.1, 6.5.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS (mailing-list, x_refsource_FULLDISC)
45575 (exploit, x_refsource_EXPLOIT-DB)
20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS (mailing-list, x_refsource_BUGTRAQ)
20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS (mailing-list, x_refsource_FULLDISC)
20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS (mailing-list, x_refsource_BUGTRAQ)
32153 (Exploit, exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2014-2533?: CVE-2014-2533 is a vulnerability in Blackberry Qnx_neutrino_rtos, classified under CWE-264. Published 2014-03-18.
Is CVE-2014-2533 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.