CVE-2025-2474: Vulnerability in PCX Image Codec Impacts QNX Software Development Platform
Published Jun 10, 2025
·Updated
Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.
Affected Software
4 affected components
QNX Software Development Platform>=7.0<=8.0
BlackBerry QNX Software Development Platform=7.0
BlackBerry QNX Software Development Platform=7.1
BlackBerry QNX Software Development Platform=8.0
Event History
Jun 10, 2025
CVE Published
via MITRE·05:38 PM
Data Sourced
via MITRE·05:38 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·06:15 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2025-2474?
CVE-2025-2474 is rated as a high-severity vulnerability due to its potential to allow unauthorized code execution.
2
How do I fix CVE-2025-2474?
To fix CVE-2025-2474, update to the latest version of QNX Software Development Platform that addresses this vulnerability.
3
What types of systems are affected by CVE-2025-2474?
CVE-2025-2474 affects QNX SDP versions 8.0, 7.1, and 7.0.
4
What kind of attacks can CVE-2025-2474 enable?
CVE-2025-2474 could allow an attacker to perform a denial-of-service attack or execute arbitrary code.
5
Who is at risk from CVE-2025-2474?
Any systems using the vulnerable versions of the QNX Software Development Platform are at risk from CVE-2025-2474.