US agencies warn flaw in BlackBerry software could be ‘dangerous’ for these cars, medical devices

A cybersecurity flaw in a software designed by BlackBerry Ltd could put at risk cars and medical equipment that use it and expose highly sensitive systems to attackers, the U.S. drugs regulator and a federal agency said.

The warning came after the Canadian company disclosed that its QNX Real Time Operating System has a vulnerability that could allow an attacker to execute an arbitrary code or flood a server with traffic until it crashes or gets paralyzed.

The software is used by automakers including Volkswagen, BMW and Ford Motor in many critical functions including the Advanced Driver Assistance System.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said the software is used in a wide range of products and its compromise “could result in a malicious actor gaining control of highly sensitive systems, increasing risk to the Nation’s critical functions”, the CISA said https://us-cert.cisa.gov/ncas/alerts/aa21-229a.

The federal agency that comes under the Department of Homeland Security and the company said they were not yet aware of any case of active exploitation of the flaw.

The U.S. Food and Drug Administration said it was not aware of any adverse events even as medical equipment manufacturers assess which systems could be affected.

BlackBerry had initially denied that the vulnerability, dubbed as BadAlloc, impacted its products and later resisted making a public announcement, Politico reported, citing two people familiar with talks between the company and federal cybersecurity officials, including a government employee.

FacebookTwitterLinkedin


For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.