BlackBerry has confirmed that critical software vulnerabilities detected earlier this year also impact code the company made for numerous medical devices, according to a new article in CyberScoop. Automotive and energy equipment could also be affected, BlackBerry said.
A hacker who exploits the so-called BadAlloc software vulnerabilities, which Microsoft researchers uncovered, could cause devices running the software to crash. In BlackBerry’s case, the attacker would need to first gain access to a targeted network and then go after devices that are exposed to the internet.
The affected software is BlackBerry’s QNX Real-Time Operating System, a suite of software that manages data across a network. It’s unclear just how many devices are running the affected BlackBerry software. The firm said last year that its QNX software was embedded in more than 175 million cars alone. A BlackBerry spokesperson did not immediately respond to a request for comment.
“These vulnerabilities may introduce risks for certain medical devices, as well as pharmaceutical or medical device manufacturing equipment,” the Food and Drug Administration said in an advisory Tuesday, adding that it was working with other federal agencies and the private sector to mitigate the risk.
Read the full article on CyberScoop.