CVE-2021-22153
Last modified
CVE-2021-22153 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.. EPSS estimates a 0.96% chance of exploitation in the next 30 days.
Description
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Blackberry | Unified Endpoint Management | <= 12.12.0 | — |
| Blackberry | Unified Endpoint Management | 12.12.1a | Quick Fix 1 |
| Blackberry | Unified Endpoint Management | 12.13.0 | — |
| Blackberry | Unified Endpoint Management | 12.13.1 | Quick Fix 1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-22153?
How severe is CVE-2021-22153?
How do I fix CVE-2021-22153?
Are you affected by CVE-2021-22153?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST