CVE-2024-21457
📋 TL;DR
This vulnerability allows information disclosure when handling Multi-link Information Elements in Wi-Fi beacon frames. It affects devices with Qualcomm Wi-Fi chipsets that process these frames, potentially exposing sensitive network information to attackers within wireless range.
💻 Affected Systems
- Qualcomm Wi-Fi chipsets and devices using them
📦 What is this software?
Immersive Home 214 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 214 Platform Firmware →
Immersive Home 216 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 216 Platform Firmware →
Immersive Home 316 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 316 Platform Firmware →
Immersive Home 318 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 318 Platform Firmware →
Immersive Home 3210 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 3210 Platform Firmware →
Immersive Home 326 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 326 Platform Firmware →
Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm
View all CVEs affecting Snapdragon Auto 5g Modem Rf Gen 2 Firmware →
Snapdragon X65 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →
Snapdragon X72 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X72 5g Modem Rf System Firmware →
⚠️ Risk & Real-World Impact
Worst Case
An attacker could intercept sensitive network configuration data, device identifiers, or connection parameters, potentially enabling further attacks like targeted exploitation or network mapping.
Likely Case
Limited information leakage about network configuration and connected devices, which could aid in reconnaissance but not direct compromise.
If Mitigated
Minimal impact with proper network segmentation and monitoring, as the vulnerability requires proximity and only leaks configuration data.
🎯 Exploit Status
Exploitation requires crafting malicious beacon frames and proximity to target wireless networks. No authentication needed as beacon frames are broadcast.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Qualcomm July 2024 security bulletin for chipset-specific firmware updates
Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html
Restart Required: Yes
Instructions:
1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided Wi-Fi driver/firmware patches. 3. Reboot device to load updated firmware.
🔧 Temporary Workarounds
Disable Wi-Fi when not needed
linuxTurn off Wi-Fi radios to prevent beacon frame processing
nmcli radio wifi off
ip link set wlan0 down
Use wired connections
allPrefer Ethernet over Wi-Fi for sensitive devices
🧯 If You Can't Patch
- Segment wireless networks and restrict sensitive devices to wired connections
- Monitor for unusual beacon frame activity and implement wireless intrusion detection
🔍 How to Verify
Check if Vulnerable:
Check Qualcomm chipset version and compare against patched versions in July 2024 bulletinCheck Version:
Check device-specific commands (e.g., 'iwconfig' on Linux for driver info)Verify Fix Applied:
Verify Wi-Fi driver/firmware version matches patched versions from Qualcomm📡 Detection & Monitoring
Log Indicators:
- Unusual beacon frame patterns in wireless logs
- Multiple malformed Multi-link IE entries
Network Indicators:
- Abnormal beacon frame traffic with crafted Multi-link IEs
- Increased beacon frame rates from single sources
SIEM Query:
wireless AND (beacon OR multi-link) AND anomaly