Blackberry kept security holes a secret for months
A security gap in the Blackberry QNX operating system could endanger driver assistance systems and medical equipment. But the manufacturer had apparently refused to make the security hole public for months.
At the end of April 2021, Microsoft security researchers reported a serious vulnerability that affects several real-time operating systems. Several affected manufacturers then worked with the responsible US authorities from May to inform customers about the BadAlloc to inform the named security vulnerability and to induce them to import a security patch. Blackberry was not one of them. A report from the US publication Politico According to the Canadian software provider initially denied to the authorities that their QNX operating system was affected by BadAlloc.
Under pressure from the US authorities, Blackberry is said to have agreed to recognize the vulnerability. However, the company did not want to make it public, but rather to notify affected customers directly. However, according to Politico information, Blackberry has no real overview of which companies use QNX because the operating system is mainly sold through partner companies.
Blackberry did not have one until yesterday, Tuesday, August 17, 2012 public statement on the vulnerability released. It states that only older versions from 2012 and earlier are affected by the security vulnerability. The US authorities now also have one official warning posted before the QNX vulnerability. A list of all affected software versions can also be found there.
Contents
QNX is used in many driver assistance systems and medical devices
The real-time operating system QNX is designed for embedded systems and is used in various industries. For example, all BMW navigation systems have been using the operating system since 2008. Volkswagen and its subsidiary brands Seat, Audi and Skoda also use QNX. The operating system is also used outside of the mobility sector and is also found in many devices from the medical sector, among other things.