Information Disclosure Vulnerability in Qualcomm's Wireless Products
CVE-2024-33064

8.2HIGH

Key Information:

Vendor: Qualcomm
Status: Qca6574au Firmware
Vendor: CVE Published:; 7 October 2024

What is CVE-2024-33064?

A vulnerability has been identified in Qualcomm's wireless products where information disclosure can occur while parsing the multiple Multiband SSID Information Elements (MBSSID IEs) from beacon frames. This could potentially allow attackers to extract sensitive information from the processed beacons, representing a risk in wireless communication environments. Users and network administrators are advised to keep their systems updated and follow security best practices to mitigate any associated risks.

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2024