CVE-2025-12766

Name of the Vulnerable Software and Affected Versions BlackBerry AtHoc (OnPrem) version 7.21

Description An Insecure Direct Object Reference (IDOR) exists in the Management Console of BlackBerry AtHoc (OnPrem) version 7.21. This flaw could allow an attacker to obtain unauthorized information about other organizations hosted on the same Interactive Warning System (IWS). The issue involves an improper access control mechanism, potentially allowing unauthorized access to sensitive data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.