Vulnerability in Older Software
Cars and Medical Technology at Risk
Older versions of Blackberry's QNX software, which is used in cars and medical technology, among other applications, have a serious security vulnerability, according to the company and U.S. experts.
The vulnerability could allow attackers to take control of systems, Blackberry and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned. At the same time, both emphasized that they were not yet aware of any cases in which the gap was exploited. It is unclear how widespread the several years old software versions still are.
Blackberry and CISA called on the relevant technology manufacturers to quickly upgrade to newer versions of the software in their devices.
The QNX vulnerabilities stem from the »BadAlloc« vulnerability, which has been known since spring and was also present in other, similar software. Blackberry initially contacted affected customers directly without a public announcement, the U.S. website »Politico« reported, referring to correspondence between the company and CISA.
