CVE-2024-33018

Q: What is the severity of CVE-2024-33018?

CVE-2024-33018 has a CVSS score of 7.5 (HIGH). This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted TID-to-link mapping action frames to affected Wi-Fi devices. The vulnerability affects Qualcomm Wi-Fi chipsets and devices using them, potentially impacting smartphones, routers, IoT devices, and other wireless equipment.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted TID-to-link mapping action frames to affected Wi-Fi devices. The vulnerability affects Qualcomm Wi-Fi chipsets and devices using them, potentially impacting smartphones, routers, IoT devices, and other wireless equipment.

💻 Affected Systems

Products:

Qualcomm Wi-Fi chipsets and devices using them

Versions: Specific versions not detailed in reference; check Qualcomm advisory for chipset-specific details

Operating Systems: Android, Linux, and other OS using affected Qualcomm drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Wi-Fi enabled; vulnerability is in frame parsing logic of Qualcomm Wi-Fi firmware/drivers

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Permanent device crash requiring physical restart, disrupting all wireless connectivity on affected devices.

🟠

Likely Case

Temporary service disruption where affected Wi-Fi interfaces reset or become unresponsive until frames stop or system restarts.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring; affected devices may experience brief connectivity interruptions.

🌐 Internet-Facing: MEDIUM - Attackers could target exposed wireless interfaces, but requires proximity to wireless range and specific timing.

🏢 Internal Only: MEDIUM - Internal attackers with wireless access could disrupt local network devices, but requires physical or wireless proximity.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending crafted 802.11 action frames; attacker needs to be within wireless range of target

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check device manufacturer updates; Qualcomm has provided fixes to OEMs

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check with device manufacturer for security updates. 2. Apply firmware/OS updates from manufacturer. 3. Reboot device after update.

🔧 Temporary Workarounds

Disable Wi-Fi if not needed

all

Turn off Wi-Fi interfaces on critical devices that don't require wireless connectivity

Implement wireless intrusion prevention

all

Deploy WIPS to detect and block malicious 802.11 action frames

🧯 If You Can't Patch

Segment wireless networks from critical infrastructure
Monitor for unusual wireless frame patterns and DoS events

🔍 How to Verify

Check if Vulnerable:

Check device manufacturer security bulletins for your specific model; verify Qualcomm chipset version

Check Version:

Device-specific (e.g., Android: Settings > About phone; Linux: check driver/firmware versions)

Verify Fix Applied:

Confirm latest firmware/OS version is installed and check manufacturer's patched version list

📡 Detection & Monitoring

Log Indicators:

Wi-Fi interface resets
Driver/firmware crash logs
Unexpected disconnections

Network Indicators:

Unusual 802.11 action frame patterns
Multiple TID-to-link mapping frames from single source

SIEM Query:

Search for Wi-Fi interface error events or driver crash events in system logs

📊 Metadata

CVE ID: CVE-2024-33018

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-126

Published: August 5, 2024

Last Updated: November 20, 2024

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Immersive Home 214 Platform Firmware by Qualcomm

Immersive Home 216 Platform Firmware by Qualcomm

Immersive Home 316 Platform Firmware by Qualcomm

Immersive Home 318 Platform Firmware by Qualcomm

Immersive Home 3210 Platform Firmware by Qualcomm

Immersive Home 326 Platform Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq5300 Firmware by Qualcomm

Ipq5302 Firmware by Qualcomm

Ipq5312 Firmware by Qualcomm

Ipq5332 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Ipq9008 Firmware by Qualcomm

Ipq9554 Firmware by Qualcomm

Ipq9574 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8620p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6554a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8082 Firmware by Qualcomm

Qca8084 Firmware by Qualcomm

Qca8085 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca8386 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qcc2073 Firmware by Qualcomm

Qcc2076 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcf8000 Firmware by Qualcomm

Qcf8001 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn5022 Firmware by Qualcomm

Qcn5024 Firmware by Qualcomm

Qcn5052 Firmware by Qualcomm

Qcn5122 Firmware by Qualcomm

Qcn5124 Firmware by Qualcomm

Qcn5152 Firmware by Qualcomm