{"api_version":"1","generated_at":"2026-04-23T00:40:38+00:00","cve":"CVE-2021-32024","urls":{"html":"https://cve.report/CVE-2021-32024","api":"https://cve.report/api/cve/CVE-2021-32024.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-32024","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-32024"},"summary":{"title":"CVE-2021-32024","description":"A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.","state":"PUBLIC","assigner":"secure@blackberry.com","published_at":"2021-12-13 19:15:00","updated_at":"2022-02-08 15:54:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042","name":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042","refsource":"MISC","tags":[],"title":"QNX-2021-002 Vulnerability in BMP Image Codec Impacts BlackBerry QNX Software Development Platform (SDP)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-32024","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32024","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"32024","vulnerable":"1","versionEndIncluding":"7.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"blackberry","cpe5":"qnx_software_development_platform","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"32024","vulnerable":"1","versionEndIncluding":"7.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"blackberry","cpe5":"qnx_software_development_platform","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-32024","ASSIGNER":"secure@blackberry.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"BlackBerry QNX Software Development Platform (SDP)","version":{"version_data":[{"version_value":"QNX SDP 6.4 to 7.1"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Remote code execution"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042","url":"http://support.blackberry.com/kb/articleDetail?articleNumber=000089042"}]},"description":{"description_data":[{"lang":"eng","value":"A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process."}]}},"nvd":{"publishedDate":"2021-12-13 19:15:00","lastModifiedDate":"2022-02-08 15:54:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:blackberry:qnx_software_development_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"7.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"32024","Ordinal":"207353","Title":"CVE-2021-32024","CVE":"CVE-2021-32024","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"32024","Ordinal":"1","NoteData":"A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"32024","Ordinal":"2","NoteData":"2021-12-13","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"32024","Ordinal":"3","NoteData":"2021-12-13","Type":"Other","Title":"Modified"}]}}}