← Back

CVE-2024-33070

nvd nist
Published: Oct 7, 2024Modified: Oct 16, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: product-security@qualcomm.com (Secondary)

Description

Transient DOS while parsing ESP IE from beacon/probe response frame.

Affected (5)

Qualcomm
5 products
Qca6574au Firmware
Qca6574a Firmware
Qca6564au Firmware
Qca6564a Firmware
Mdm9628 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca6574au Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca6574au
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca6574a Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca6574a
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca6564au Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca6564au
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca6564a Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca6564a
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9628 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9628
All versions

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-126
Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (1)

Source: product-security@qualcomm.com
Vendor Advisory

Timeline

No history available yet.