CVE-2024-21452
📋 TL;DR
This vulnerability allows attackers to cause a denial-of-service (DoS) condition by sending specially crafted ASN.1 OER messages containing unknown extensions to vulnerable systems. It affects Qualcomm products and software that process ASN.1 OER messages, potentially impacting devices using Qualcomm chipsets.
💻 Affected Systems
- Qualcomm chipsets and associated software/firmware
📦 What is this software?
Snapdragon Auto 4g Modem Firmware by Qualcomm
⚠️ Risk & Real-World Impact
Worst Case
Complete system crash or reboot, rendering the device unusable until manually restarted, potentially affecting critical infrastructure or medical devices.
Likely Case
Temporary service disruption requiring manual intervention to restore functionality, affecting device availability.
If Mitigated
Minimal impact with proper network filtering and monitoring to detect and block malicious messages.
🎯 Exploit Status
Exploitation requires crafting specific ASN.1 OER messages; no public proof-of-concept known as of analysis.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Qualcomm April 2024 security bulletin for specific patched versions.
Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html
Restart Required: Yes
Instructions:
1. Review the Qualcomm April 2024 security bulletin for affected products.
2. Apply firmware/software updates from device manufacturers.
3. Reboot devices after patching.
🔧 Temporary Workarounds
Network filtering
Block or filter incoming ASN.1 OER messages at network boundaries to prevent exploitation.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate vulnerable systems.
- Monitor for abnormal traffic patterns or DoS attempts targeting ASN.1 processing.
🔍 How to Verify
Check if Vulnerable:
Check device firmware/software version against Qualcomm's April 2024 bulletin; if unpatched and using affected Qualcomm components, assume vulnerable.
Check Version:
Device-specific; e.g., on Android: 'Settings > About phone > Build number' or use manufacturer tools.
Verify Fix Applied:
Verify that firmware/software version matches or exceeds patched versions listed in Qualcomm bulletin.
📡 Detection & Monitoring
Log Indicators:
- System crashes or reboots related to message processing
- Error logs mentioning ASN.1, OER, or decoding failures
Network Indicators:
- Unusual spikes in network traffic containing ASN.1 OER messages
- Messages with malformed or unknown extensions
SIEM Query:
Example: search system logs for 'ASN.1 OER' OR 'decoding error' and correlate the hits with crash or reboot events.
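As an added illustration of that SIEM logic (not part of the advisory), the following Python correlator runs over constructed log lines and flags crash or restart events that were preceded by ASN.1/OER decoding errors within a short time window. The log format, source names and thresholds are assumptions for the example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log lines (not real device output): two ASN.1 OER
# decoding errors shortly before a modem restart, one isolated error later,
# and an unrelated restart with no preceding decode errors.
SAMPLE_LOGS = """\
2024-04-02T10:15:01 modem: asn1 oer decode failed: unknown extension in message
2024-04-02T10:15:03 modem: asn1 oer decode failed: unknown extension in message
2024-04-02T10:15:04 kernel: wifi link up
2024-04-02T10:15:06 system: modem subsystem crash, restarting
2024-04-02T11:40:00 modem: asn1 oer decoding error
2024-04-02T12:30:00 system: modem subsystem crash, restarting
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+):\s+(.*)$")
# Matches the log indicators named above: ASN.1, OER, or decode/decoding errors.
DECODE_RE = re.compile(r"\basn\.?1\b|\boer\b|decod(?:e|ing)\s+(?:error|fail)", re.I)
CRASH_RE = re.compile(r"\bcrash|\breboot|\brestart", re.I)


def parse(lines):
    """Yield (timestamp, source, message) for each parseable line."""
    for line in lines.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)


def correlate(lines, window=timedelta(seconds=30), min_errors=2):
    """Return (crash_timestamp, error_count) for every crash/restart event that
    had at least min_errors decoding errors in the preceding window."""
    events = list(parse(lines))
    error_times = [ts for ts, _, msg in events if DECODE_RE.search(msg)]
    hits = []
    for ts, _, msg in events:
        if not CRASH_RE.search(msg):
            continue
        recent = [e for e in error_times if ts - window <= e <= ts]
        if len(recent) >= min_errors:
            hits.append((ts.isoformat(), len(recent)))
    return hits


if __name__ == "__main__":
    for crash_ts, count in correlate(SAMPLE_LOGS):
        print(f"{crash_ts}: crash preceded by {count} ASN.1/OER decoding errors")
```

Widen the window or lower `min_errors` to trade false negatives for false positives; the isolated 11:40 error is only flagged against the 12:30 restart when the window covers it.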