CVE-2010-3741

Published: Oct 5, 2010Modified: Apr 29, 2026

4.7

Vector

AV:L/AC:M/Au:N/C:C/I:N/A:N

Exploitability: 3.4 / Impact: 6.9

Source: NVD

Description

The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack.

Affected (1)

Products: Rim: Blackberry Desktop Software

Rim

1 product

Blackberry Desktop Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Rim Blackberry Desktop Software	All versions

Related CWEs

CWE-310

References (10)

http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords/

Source: cve@mitre.org

http://it.slashdot.org/story/10/10/01/166226/

Source: cve@mitre.org

http://twitter.com/elcomsoft/statuses/25954970586

Source: cve@mitre.org

http://www.infoworld.com/t/mobile-device-management/you-can-no-longer-rely-encryption-protect-blackberry-436

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7360

Source: cve@mitre.org

http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords/