How severe is CVE-2021-32024?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Blackberry Qnx Software Development Platform (Sdp)

CVE-2021-32024

A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.

EPSS: 0.027 (86.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Blackberry Qnx Software Development Platform (Sdp) — versions 6.4.0, 7.0

Weakness classification (CWE)

CWE-1287

References

support.blackberry.com/kb/articleDetail (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-32024?: CVE-2021-32024 is a critical-severity vulnerability in Blackberry Qnx Software Development Platform (Sdp), classified under CWE-1287. CVSS score: 9.8/10. Published 2021-12-13.
How severe is CVE-2021-32024?: Critical severity. CVSS v3 base score is 9.8 out of 10.