CVE-2024-33064

HIGH EPSS 30.3%

Published Oct 7, 20241y ago · Modified Jun 17, 20261w ago

8.2 CVSS 3.1

High

Published Oct 7, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

Information disclosure while parsing the multiple MBSSID IEs from the beacon.

Base Score

8.2

Exploitability

3.9

Impact

4.2

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity None

Availability Low

EPSS Exploit Probability

30.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

CWE-125 Out-of-bounds Read Memory Safety

CWE-126

Vendor	Product	Version	Range
qualcomm	qca6574au_firmware	*	any
qualcomm	qca6574au	*	any
qualcomm	qca6574a_firmware	*	any
qualcomm	qca6574a	*	any
qualcomm	qca6564au_firmware	*	any
qualcomm	qca6564au	*	any
qualcomm	qca6564a_firmware	*	any
qualcomm	qca6564a	*	any
qualcomm	mdm9628_firmware	*	any
qualcomm	mdm9628	*	any

docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html

Vendor Advisory

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.