BlackBerry’s QNX RTOS (real-time operating system), which is used in certain medical devices and drug manufacturing equipment, has been affected by a BadAlloc vulnerability. This is a collection of vulnerabilities that could allow a remote attacker to exploit and deny certain device functions. Yesterday the FDA issued an alert to patients, healthcare providers and manufacturers about the cybersecurity vulnerability. “The FDA is not aware of any confirmed adverse events related to these vulnerabilities,” the agency stated. “Manufacturers are assessing which devices may be affected by the BlackBerry QNX cybersecurity vulnerabilities and are evaluating the risk and developing mitigations, including deploying patches from BlackBerry.”
The Cybersecurity & Infrastructure Security Agency (CISA) also published an alert about the BadAlloc vulnerability and thus far is unaware of any exploitation of the vulnerability. “CISA strongly encourages critical infrastructure organizations and other organizations developing, maintaining, supporting, or using affected QNX-based systems to patch affected products as quickly as possible,” the agency stated in the alert.
For products that are affected by the vulnerability, manufacturers should contact BlackBerry to get the patch.
Related Articles
-
Unauthorized access could allow an attacker to take full control of the host operating system.
-
With the ever-increasing adoption of connected devices, the agency is emphasizing the need for effective cybersecurity.
-
Share your research, experience and expertise with your peers at the upcoming Medtech Advanced Manufacturing Conference and Medtech Supply Chain Intelligence Summit. Call for abstracts is now open.
-
Excess humidity can affect a pharmaceutical’s structure, chemical stability and dissolving rate, and this moisture can come in contact with product at multiple points throughout production and shipping. Fortunately, new technologies are making it easier for manufacturers and shippers to…
