PT-2021-19634 · Blackberry · Blackberry Protect

Published

2021-11-10

Updated

2022-07-12

CVE-2021-32023

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: BlackBerry Protect for Windows versions 1574 and earlier

Description: An elevation of privilege issue in the message broker could allow an attacker to execute code in the context of a BlackBerry Cylance service with admin rights on the system.

Recommendations: For versions 1574 and earlier, update to a version later than 1574 to resolve the issue. As a temporary workaround, consider restricting access to the message broker to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-32023

Affected Products

Blackberry Protect

PT-2021-19634 · Blackberry · Blackberry Protect

CVE-2021-32023

Related Identifiers

Affected Products

References · 5