BlackBerry discloses hackers can access its QNX operating system

Canada-based BlackBerry disclosed that hackers can access its QNX Real Time Operating System (QNX RTOS) due to a vulnerability that could allow an attacker to execute an arbitrary code or flood a server with traffic until it crashes or gets paralyzed.
BlackBerryAutomakers including Volkswagen, BMW and Ford Motor used the software in many critical functions including the Advanced Driver Assistance System, Reuters reported.

The issue does not impact current or recent versions of the QNX RTOS, but rather versions dating from 2012 and earlier, BlackBerry said, adding that, at this time, no customers have indicated that they have been impacted.

The U.S. drugs regulator and a federal agency said on Tuesday that the cybersecurity flaw in a software designed by BlackBerry could put at risk cars and medical equipment that use it and expose sensitive systems to attackers.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said the software is used in a range of products and its compromise could result in a malicious actor gaining control of highly sensitive systems, increasing risk to the Nation’s critical functions.

The federal agency that comes under the Department of Homeland Security and the company said they were not yet aware of any case of active exploitation of the flaw.

The U.S. Food and Drug Administration said it was not aware of any adverse events even as medical equipment manufacturers assess which systems could be affected.

BlackBerry also said it has notified potential customers that have been affected and has made software patches available to resolve the matter.

BlackBerry had initially denied that the vulnerability, dubbed as BadAlloc, impacted its products and later resisted making a public announcement, Politico reported, citing two people familiar with talks between the company and federal cybersecurity officials, including a government employee.

Related News

Latest News

Latest News