The US FDA is informing patients, health care providers, and manufacturers about cybersecurity vulnerabilities with a “real-time operating system (RTOS)” designed by QNX and owned by BlackBerry. These vulnerabilities may introduce risks for certain medical devices and drug manufacturing equipment. FDA is not aware of any confirmed adverse events related to these vulnerabilities. Manufacturers are assessing which equipment or systems may be affected by the BlackBerry QNX cybersecurity vulnerability, evaluating the risk, and developing mitigations, including deploying patches from BlackBerry.
Report Security Impacts
If your organization is impacted by the BlackBerry QNX cybersecurity vulnerability, please contact FDA. Drug manufacturers regulated by the Center for Drug Evaluation and Research should contact: cdercybersecurity@fda.hhs.gov. Please include the product(s), equipment, and/or system(s) that use the vulnerable RTOS and any identified or possible impacts.
Questions?
If you have questions about this cybersecurity vulnerability, contact the Cybersecurity and Infrastructure Security Agency (CISA).
Subscribe to our e-Newsletters
Stay up to date with the latest news, articles, and events. Plus, get special offers
from American Pharmaceutical Review – all delivered right to your inbox! Sign up now!