CyberSec.Space Logo
Back to CVE Browser

CVE-2020-6932

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1820%
EPSS Percentile5.83th
PublishedAug 12, 2020
Last ModifiedAug 22, 2025

Vulnerability Description

An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.

Affected Platforms (CPE)

📦
Blackberry

Qnx Software Development Platform

>= 6.4.0 and <= 6.6.0

References & Advisories

🔗 http://support.blackberry.com/kb/articleDetail?articleNumber=000061411
🔗 http://support.blackberry.com/kb/articleDetail?articleNumber=000061411

Related Vulnerabilities

CVE-2017-38919.6

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration ...

CVE-2021-221569.0

An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Softwa...

CVE-2021-320258.1

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform versi...

CVE-2019-89987.8

An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc file...