BlackBerry Security Flaw Leaves Millions of Cars, Medical Devices Vulnerable to Hackers

Kimberly Redmond

A security flaw in software designed by BlackBerry Limited (NYSE: BB) has left almost two million cars, as well as countless devices in the medical, automotive and energy sectors, vulnerable to hackers, two federal agencies warned.

On Tuesday, the US Food and Drug Administration (FDA) and Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued advisories regarding the vulnerability, which affects older but still widely used versions of one of BlackBerry’s flagship products, an operating system called QNX.

Both CISA and the FDA said they are not aware of any incidents of active exploitation of the flaw, but warned the vulnerability gives hackers a way to attack systems remotely and urged users to update their software with a newly-released security patch from BlackBerry.

In a statement, BlackBerry said only QNX versions dating from 2012 and earlier are affected by the vulnerability and that at this time no users have reported any impacts. The company also said it notified some customers that could potentially be affected and made software patches available to resolve the matter.

Once a dominant player in smartphones, BlackBerry has morphed into a software business, supplying commercial operating systems for several industries, including medtech, aerospace, defense and rail. QNX is integrated into 195 million vehicles, including those made by Ford, Volkswagen and BMW, for a range of critical functions like advanced driver assistance systems.

In May, several other software companies affected by BadAlloc revealed the flaws after Microsoft Corporation researchers discovered the problem a month earlier and urged users to patch their devices. 

According to Politico, BlackBerry initially denied that the vulnerability — dubbed BadAlloc — affected its products and resisted making a public announcement for months. 

Instead of going public, BlackBerry told CISA it planned to reach out privately to its direct customers and warn them of the issue, which, Politico noted, would be difficult since the company licenses QNX to manufacturers and therefore does not always know where its software winds up.

The company only disclosed the issue publicly after federal cybersecurity officials stepped in, Politico reported, citing unnamed sources familiar with the discussions.


Source: Equities News
