BlackBerry < 10.2.0.1443 Multiple Vulnerabilities

critical Nessus Plugin ID 74125

Synopsis

The version of BlackBerry 10 OS is affected by multiple vulnerabilities.

Description

The mobile device uses a version of BlackBerry 10 OS that is older than version 10.2.0.1443. It is, therefore, affected by multiple vulnerabilities related to Adobe Flash Player including memory corruption vulnerabilities that could allow arbitrary, remote code execution.

Note that this plugin has relied solely on the version of the installed OS.

Solution

Upgrade to BlackBerry 10.2.0.1443 or later.

Alternatively, refer to the vendor's advisory for mitigation steps involving disabling Flash content in the browser.

See Also

https://salesforce.services.blackberry.com/kbredirect/KB35925

Plugin Details

Severity: Critical

ID: 74125

File Name: blackberry_10_2_0_1443.nbin

Version: 1.92

Type: local

Published: 5/21/2014

Updated: 9/4/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-3347

Vulnerability Information

CPE: cpe:/o:blackberry:blackberry_os

Required KB Items: mdm/dependency/unlocked

Exploit Ease: No known exploits are available

Patch Publication Date: 5/13/2014

Vulnerability Publication Date: 5/16/2013

Reference Information

CVE: CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335, CVE-2013-3343, CVE-2013-3344, CVE-2013-3345, CVE-2013-3347

BID: 59889, 59890, 59891, 59892, 59893, 59894, 59895, 59896, 59897, 59898, 59899, 59900, 59901, 60478, 61043, 61045, 61048