BlackBerry 10.x < 'qconnDoor' Buffer Overflow

High Nessus Network Monitor Plugin ID 8217


The BlackBerry mobile device is vulnerable to a buffer overflow.


Versions of BlackBerry 10.x earlier than are affected by a buffer overflow vulnerability in the 'qconnDoor' service. An attacker could leverage this for denial of service attacks and possibly arbitrary code execution. A successful attack requires having turned on developer mode once during the phone's runtime (and notably, can still be exploited even after the mode has been shut off).


Upgrade the BlackBerry to, or later. Refer to the vendor's advisory for mitigation involving the development mode, Wi-Fi and safely using USB functionality.

See Also

Plugin Details

Severity: High

ID: 8217

Published: 2014/04/30

Modified: 2016/01/30

Dependencies: 4545

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 9.8

Temporal Score: 9.4


Temporal Vector: CVSS3#E:ND/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:blackberry:blackberry_os

Patch Publication Date: 2014/04/08

Vulnerability Publication Date: 2014/04/08

Reference Information

CVE: CVE-2014-2389

BID: 66702