Vulnerability in Blackberry Qnx_momentics
CVE-2021-32025
An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for S…
EPSS: 0.002 (6.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Blackberry Qnx_momentics — versions 6.3.0, 6.3.2
- Blackberry Qnx_os_for_medical — versions 2.0.0
- Blackberry Qnx_os_for_safety
- Blackberry Qnx_software_development_platform
- Blackberry Qnx Software Development Platform (Sdp), Os For Medical (Qosm), And Safety (Qos) — versions QNX SDP 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2 safety products compliant with IEC 61508 and/or ISO 26262
Weakness classification (CWE)
References
- secure@blackberry.com (Patch, x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-32025?
- CVE-2021-32025 is a high-severity vulnerability in Blackberry Qnx_momentics, classified under CWE-368. CVSS score: 8.1/10. Published 2022-03-10.
- How severe is CVE-2021-32025?
- High severity. CVSS v3 base score is 8.1 out of 10.