BlackBerry issued an alert on a remote code execution vulnerability in qconnDoor service that affects BlackBerry 10 smartphones. The flaw requires that a user enables development mode on a smartphone connected to a Wi-Fi network, that isnt enabled by default on BlackBerry 10 phones. The attack exploits a stack-based buffer overflow vulnerability in the qconn door service which is implemented by BlackBerry 10 OS to provide developer access, such as shell and remote debugging capabilities, to the smartphone. The vulnerability allows an attacker to execute code with the superuser profile profile.”]
Source: http://securityaffairs.co/wordpress/23820/security/blackberry-10-vulnerability.html