Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Security

BlackBerry 10 affected by a remote code execution vulnerability

BlackBerry issued an alert on a remote code execution vulnerability in qconnDoor service that affects BlackBerry 10 smartphones. A recent BlackBerry Security Advisory informed users of the existence of a remote code execution vulnerability (CVE-2014-1468) that affect BlackBerry 10 smartphone running OS versions earlier than version 10.2.0.1055. As described in the advisory the attackers could exploit the vulnerability sending […]

BlackBerry 10 affected by a remote code execution vulnerability

BlackBerry issued an alert on a remote code execution vulnerability in qconnDoor service that affects BlackBerry 10 smartphones.

A recent BlackBerry Security Advisory informed users of the existence of a remote code execution vulnerability (CVE-2014-1468) that affect BlackBerry 10 smartphone running OS versions earlier than version 10.2.0.1055.

As described in the advisory the attackers could exploit the vulnerability sending a specially crafted message over a Wi-Fi network to the qconnDoor service running on the smartphone. The flaw requires that a user enables development mode on a smartphone connected to a Wi-Fi network, that isn’t enabled by default on BlackBerry 10 smartphones, this last requirement need a significant interaction with targeted mobile.

“BlackBerry customer risk is limited by the inability of a potential attacker to force exploitation of the vulnerability without significant customer interaction or having physical access to the smartphone.”

The attack exploits a stack-based buffer overflow vulnerability in the qconnDoor service which is implemented by BlackBerry 10 OS to provide developer access, such as shell and remote debugging capabilities, to the smartphone.

“Successful exploitation of this vulnerability could potentially result in an attacker terminating the qconnDoor service running on a user’s BlackBerry smartphone. In addition, the attacker could potentially execute code on the user’s BlackBerry smartphone with the privileges of the root user (superuser).”

The exploitation of the vulnerability allows an attacker to execute code with the superuser profile .

The above attack scenario is not unique, the attacker could succeed connecting the targeted mobile device to a computer using a USB cable and sending the malicious messages to the qconnDoor service.

blackberry 10

The blackberry-connect is a tool available in the BlackBerry Network Development Kit (NDK) and it provides SSH connectivity to the BlackBerry 10 smartphone. As explained in the advisory, if the service is already connected using blackberry-connect, it is impossible for an attacker to compromise the qconnDoor service over Wi-Fi or USB.

The advisory invite users to install last software update to protect affected BlackBerry 10 Smartphones and provides a few suggestions to mitigate the vulnerability: 

  • A BlackBerry smartphone user with a vulnerable version of the BlackBerry 10 OS can avoid enabling development mode when Wi-Fi is enabled.
  • Customers who use development mode should disable the Wi-Fi network interface.
  • Customers who use development mode with the Wi-Fi network interface enabled should connect only to trusted wireless networks.
  • Users should connect their BlackBerry 10 smartphone over USB only to trusted computers.

Pierluigi Paganini

(Security Affairs –  BlackBerry 10, mobile)