Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

BlackBerry 10.x < 10.2.0.1055 'qconnDoor' Buffer Overflow

High

Synopsis

The BlackBerry mobile device is vulnerable to a buffer overflow.

Description

Versions of BlackBerry 10.x earlier than 10.2.0.1055 are affected by a buffer overflow vulnerability in the 'qconnDoor' service. An attacker could leverage this for denial of service attacks and possibly arbitrary code execution. A successful attack requires having turned on developer mode once during the phone's runtime (and notably, can still be exploited even after the mode has been shut off).

Solution

Upgrade the BlackBerry to 10.2.0.1055, or later. Refer to the vendor's advisory for mitigation involving the development mode, Wi-Fi and safely using USB functionality.