Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

BlackBerry Addresses Critical Vulnerabilities in Enterprise Server Software

BlackBerry issued fixes this week for critical vulnerabilities in its BlackBerry Enterprise Server (BES) that could result in escalation of privileges and arbitrary code execution.

BlackBerry issued fixes this week for critical vulnerabilities in its BlackBerry Enterprise Server (BES) that could result in escalation of privileges and arbitrary code execution.

The security issues are related to how some components in BES process TIFF images before they are displayed on BlackBerry devices. Depending on the privileges granted to the BES service account, an attacker would be able to exploit the flaws to access other parts of the network and execute arbitrary code, the company said in the advisory.

Attackers would be able to exploit these vulnerabilities by creating a specially crafted web page and then persuading a BlackBerry smartphone user to click on a link in an email or instant message pointing to that web page, the company said. In another attack scenario, attackers could also embed specially crafted TIFF images in the email or instant message and send it to the BlackBerry smartphone user. Since the vulnerability is within BES, the smartphone user does not even need to view the message, let along click on that image, for that attack to succeed.

“Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or allow elevation of privileges,” the advisory said.

All of these vulnerabilities have the maximum Common Vulnerability Scoring System score of 10.0, which stands for “high severity.” However, the company said it is “not aware of any attacks on or specifically targeting BlackBerry Enterprise Server customers.”

The updates affect BlackBerry Enterprise Server Express versions 5.02 through 5.04 and BlackBerry Enterprise Server versions 5.02 through 5.04 for Microsoft Exchange and IBM Lotus Domino. BlackBerry Enterprise Server versions 5.0.1 and 5.0.4 for Novell Groupwise are also impacted, the company said. Other BlackBerry software, BES versions 5.0.4 and later, BlackBerry smartphones, and the BlackBerry Device Software are not affected.

The affected components in the vulnerable applications include the BlackBerry Mobile Data System-Connection Service, which processes images on websites loaded on the browser; BlackBerry Messaging Agent, which processes images in email messages; and BlackBerry Collaboration Service, which processes images in instant messages sent using BES and related products.

Administrators with impacted BlackBerry Enterprise Server systems should apply BlackBerry Enterprise Server version 5.0.4 MR2 and an interim security update to BlackBerry Enterprise Server Express version 5.0.4 to close the vulnerabilities. The update would replace the installed image.dll file with a newer version.

Written By

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.