Weak Permissions in BlackBerry Protect Object Allows Bypass of Access Restrictions

Weak Permissions in BlackBerry Protect Object Allows Bypass of Access Restrictions

CVE-2013-3692 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:C/A:C

BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application.

Learn more about our Physical Security Assessment.