{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"QNX Software Development Platform (SDP)","vendor":"BlackBerry","versions":[{"lessThanOrEqual":"6.6.0","status":"affected","version":"6.4.0","versionType":"custom"},{"lessThanOrEqual":"7.1","status":"affected","version":"7.0","versionType":"custom"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.</p>"}],"value":"A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process."}],"impacts":[{"capecId":"CAPEC-153","descriptions":[{"lang":"en","value":"CAPEC-153 Input Data Manipulation"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"6.4.0 through 6.6.0"}]},{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"7.0 through 7.1"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1287","description":"CWE-1287: Improper Validation of Specified Type of Input","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"dbe78b00-5e7b-4fda-8748-329789ecfc5c","shortName":"blackberry","dateUpdated":"2025-09-09T15:07:31.697Z"},"references":[{"tags":["x_refsource_MISC"],"url":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.2.0"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secure@blackberry.com","ID":"CVE-2021-32024","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BlackBerry QNX Software Development Platform (SDP)","version":{"version_data":[{"version_value":"QNX SDP 6.4 to 7.1"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Remote code execution"}]}]},"references":{"reference_data":[{"name":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042","refsource":"MISC","url":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T23:17:27.925Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042"}]}]},"cveMetadata":{"assignerOrgId":"dbe78b00-5e7b-4fda-8748-329789ecfc5c","assignerShortName":"blackberry","cveId":"CVE-2021-32024","datePublished":"2021-12-13T18:06:24.000Z","dateReserved":"2021-05-03T00:00:00.000Z","dateUpdated":"2025-09-09T15:07:31.697Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}