CVE-2021-32025 HIGH

CVE-2021-32025

Vendor Blackberry
Product QNX Software Development Platform (SDP), QNX OS for Medical (QOSM), and QNX OS for Safety (QOS)
Weakness CWE-368
Published March 9, 2022
Last update August 22, 2025

CVSS base score

8.1/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system.

Key dates

02Disclosure timeline

March 9, 2022 CVE published
August 22, 2025 Record updated