CyberSec.Space Logo
Back to CVE Browser

CVE-2021-32025

HIGH
8.1
CVSS Severity Score
EPSS Score0.1510%
EPSS Percentile29.32th
PublishedMar 10, 2022
Last ModifiedAug 22, 2025

Vulnerability Description

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system.

Affected Platforms (CPE)

πŸ“¦
Blackberry

Qnx Momentics

= 6.3.0
πŸ“¦
Blackberry

Qnx Momentics

= 6.3.2
πŸ“¦
Blackberry

Qnx Software Development Platform

>= 6.4.0 and <= 7.0
πŸ’»
Blackberry

Qnx Os For Medical

>= 1.0 and < 1.1.2
πŸ’»
Blackberry

Qnx Os For Medical

= 2.0.0
πŸ’»
Blackberry

Qnx Os For Safety

>= 1.0.0 and < 1.0.3
πŸ’»
Blackberry

Qnx Os For Safety

>= 2.0.0 and < 2.0.2

References & Advisories

πŸ”— http://support.blackberry.com/kb/articleDetail?articleNumber=000090868
πŸ”— http://support.blackberry.com/kb/articleDetail?articleNumber=000090868

Related Vulnerabilities

CVE-2008-30249.3

Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a l...

CVE-2013-26877.8

Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momen...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-3477010.0

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software fo...