CVE-2023-33026

Q: What is the severity of CVE-2023-33026?

CVE-2023-33026 has a CVSS score of 7.5 (HIGH). This vulnerability allows attackers to cause a temporary denial-of-service (DoS) in affected Wi-Fi devices by sending specially crafted NAN (Neighborhood Aware Networking) management frames. The flaw exists in Qualcomm WLAN firmware and affects devices using vulnerable Qualcomm chipsets. Attackers within Wi-Fi range can disrupt wireless connectivity.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause a temporary denial-of-service (DoS) in affected Wi-Fi devices by sending specially crafted NAN (Neighborhood Aware Networking) management frames. The flaw exists in Qualcomm WLAN firmware and affects devices using vulnerable Qualcomm chipsets. Attackers within Wi-Fi range can disrupt wireless connectivity.

💻 Affected Systems

Products:

Devices with Qualcomm WLAN chipsets

Versions: Specific chipset firmware versions as listed in Qualcomm advisories

Operating Systems: Android, Linux, and other OS using Qualcomm WLAN drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with NAN functionality enabled; exact chipset models in Qualcomm October 2023 bulletin.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Persistent wireless service disruption requiring device reboot, potentially affecting critical connectivity in enterprise or IoT environments.

🟠

Likely Case

Temporary Wi-Fi disconnection or performance degradation until the device recovers automatically.

🟢

If Mitigated

Minimal impact with proper network segmentation and updated firmware.

🌐 Internet-Facing: MEDIUM - Attackers need physical proximity to Wi-Fi range but no authentication required.

🏢 Internal Only: MEDIUM - Same proximity requirement applies internally; could affect wireless networks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires sending crafted NAN frames within Wi-Fi range; no authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates specified in Qualcomm October 2023 security bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device after update. 4. Verify patch installation.

🔧 Temporary Workarounds

Disable NAN functionality

all

Turn off Neighborhood Aware Networking features if not required

Device-specific commands vary by manufacturer

Network segmentation

all

Isolate vulnerable devices on separate wireless networks

🧯 If You Can't Patch

Implement physical security controls to limit Wi-Fi access range
Monitor for unusual NAN frame activity and wireless disconnection events

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm advisory; devices with unpatched Qualcomm WLAN chipsets are vulnerable.

Check Version:

Device-specific (e.g., Android: Settings > About Phone > Baseband version)

Verify Fix Applied:

Confirm firmware version matches patched versions in Qualcomm bulletin; test wireless stability.

📡 Detection & Monitoring

Log Indicators:

Unexpected wireless disconnections
WLAN driver/firmware crash logs
NAN protocol error messages

Network Indicators:

Unusual NAN management frame patterns
Increased deauthentication frames

SIEM Query:

Wireless logs containing 'NAN' errors OR 'WLAN firmware crash' events

📊 Metadata

CVE ID: CVE-2023-33026

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-126

Published: October 3, 2023

Last Updated: August 11, 2025

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Ar9380 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Flight Rb5 5g Platform Firmware by Qualcomm

Immersive Home 214 Platform Firmware by Qualcomm

Immersive Home 216 Platform Firmware by Qualcomm

Immersive Home 316 Platform Firmware by Qualcomm

Immersive Home 318 Platform Firmware by Qualcomm

Immersive Home 3210 Platform Firmware by Qualcomm

Immersive Home 326 Platform Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq5332 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8064 Firmware by Qualcomm

Ipq8065 Firmware by Qualcomm

Ipq8068 Firmware by Qualcomm

Ipq8070 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Ipq9008 Firmware by Qualcomm

Ipq9554 Firmware by Qualcomm

Ipq9570 Firmware by Qualcomm

Ipq9574 Firmware by Qualcomm

Pmp8074 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qca0000 Firmware by Qualcomm

Qca2062 Firmware by Qualcomm

Qca2064 Firmware by Qualcomm

Qca2065 Firmware by Qualcomm

Qca2066 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6554a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8072 Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8082 Firmware by Qualcomm

Qca8084 Firmware by Qualcomm

Qca8085 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca8386 Firmware by Qualcomm

Qca9886 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qca9980 Firmware by Qualcomm

Qca9984 Firmware by Qualcomm

Qca9985 Firmware by Qualcomm