BlackBerry 10 users must update their BlackBerry World app (from inside BlackBerry World, ironically) to patch a vulnerability that could be exploited by a man-in-the-middle (MITM) attacker.
BlackBerry's security team uncovered a spoofing vulnerability in BlackBerry World's file integrity check, the mechanism meant to ensure that the app package a phone installs is the one BlackBerry's servers actually sent. An attacker positioned on the network between the phone and the store could swap in a malicious version of an app while it is being downloaded, before it is installed. BlackBerry says it is not aware of anyone having been affected, but a user who connects to an attacker-controlled network and then installs or updates an app from BlackBerry World is exposed until the app is patched.
Affected BlackBerry World versions are:
- BlackBerry 10.2 users running BB World versions earlier than 220.127.116.112
- BlackBerry 10.2.1 users running BB World versions earlier than 18.104.22.1683
- BlackBerry 10.3.0 users running BB World versions earlier than 22.214.171.124
BlackBerry 10 users should open BlackBerry World on a trusted Wi-Fi connection or over the cellular network to install the update, since the update is delivered through the same download channel the vulnerability affects. The vulnerability affects all BlackBerry 10 devices, including the Z10, Q10, Q5, Z30 and Passport.
The full knowledge base entry is below:
“This advisory addresses a spoofing vulnerability that is not currently being exploited but affects BlackBerry 10 smartphone customers running the BlackBerry World app. BlackBerry® customer risk is limited both by the requirement that customers must first connect to an attacker-controlled network and by the inability of a potential attacker to force exploitation of the vulnerability without customer interaction. Successful exploitation requires an attacker to intercept a user’s application download/update request from BlackBerry World over a compromised network and replace the response from the server with a malicious file and requires that a user accept the permissions and install the malicious app. If the requirements are met for exploitation, an attacker could potentially gain access to any data or settings allowed by the app permissions that the user granted. After installing the recommended software update, affected customers will be fully protected from this vulnerability.”