BlackBerry yesterday patched a pair of serious vulnerabilities in BlackBerry Link, the desktop software that lets users sync content between a BlackBerry 10 device and a desktop or laptop.
Both flaws lie in Link's Peer Manager component, which provides the remote file access feature; according to BlackBerry, that feature lets a user reach documents and files in a shared folder on the computer from their mobile device.
The risk is limited, BlackBerry said, because exploitation requires either user interaction or a local login on the affected system.
“Successful exploitation can require that an attacker must persuade a user on a system with BlackBerry Link installed to click on a specifically crafted link or access a webpage containing maliciously crafted code,” BlackBerry said in its advisory BSRT 2013-12. “In the alternative scenario, successful exploitation requires that a local attacker must be able to log in to the affected system while the BlackBerry Link remote file access feature is running under a different user account.”
In either case, the attacker could then read or modify any data in the remote folder that Link exposes.
On a multiuser system, BlackBerry said, a successful exploit lets another user on the same machine elevate privileges to reach the remote folder belonging to the account under which Peer Manager is running. A remote attacker can reach those folders too, by enticing a user to click a malicious link or visit a website hosting malicious code; on a multiuser system, the user who is tricked need not be the one whose account Peer Manager is running under.
“An attacker must persuade a lower privileged local user to click on a specifically crafted link or access a webpage containing maliciously crafted code while the user is logged into their account on a machine on which a higher privileged user has previously logged in, resulting in Peer Manager running under the higher privileged user account,” BlackBerry said.