CVE-2024-33049
📋 TL;DR
This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted beacon frames with specific Extension element parameters. It affects systems using Qualcomm Wi-Fi chipsets that process these malformed frames, potentially disrupting wireless connectivity.
💻 Affected Systems
- Qualcomm Wi-Fi chipsets and devices using them
📦 What is this software?
Immersive Home 214 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 214 Platform Firmware →
Immersive Home 216 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 216 Platform Firmware →
Immersive Home 316 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 316 Platform Firmware →
Immersive Home 318 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 318 Platform Firmware →
Immersive Home 3210 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 3210 Platform Firmware →
Immersive Home 326 Platform Firmware by Qualcomm
View all CVEs affecting Immersive Home 326 Platform Firmware →
Snapdragon 680 4g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 680 4g Mobile Platform Firmware →
Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 685 4g Mobile Platform \(sm6225 Ad\) Firmware →
Snapdragon Auto 5g Modem Rf Firmware by Qualcomm
View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →
Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm
View all CVEs affecting Snapdragon Auto 5g Modem Rf Gen 2 Firmware →
Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →
Snapdragon X65 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →
⚠️ Risk & Real-World Impact
Worst Case
Complete disruption of Wi-Fi connectivity on affected devices, requiring reboot to restore functionality.
Likely Case
Temporary Wi-Fi disconnection or performance degradation until the malformed frame processing stops.
If Mitigated
Minimal impact with proper network segmentation and monitoring in place.
🎯 Exploit Status
Exploitation requires sending malformed beacon frames to target Wi-Fi interface.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check device manufacturer for specific firmware/driver updates
Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
Restart Required: Yes
Instructions:
1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches. 3. Update Wi-Fi driver if applicable. 4. Reboot device.
🔧 Temporary Workarounds
Disable vulnerable Wi-Fi features
allDisable beacon frame processing or specific Extension elements if supported
Device-specific; consult manufacturer documentation
Network segmentation
allIsolate Wi-Fi networks from critical infrastructure
🧯 If You Can't Patch
- Implement network monitoring for beacon frame anomalies
- Restrict physical access to wireless network areas
🔍 How to Verify
Check if Vulnerable:
Check device specifications against Qualcomm's affected chipset list in advisoryCheck Version:
Platform-specific: Windows: 'netsh wlan show drivers', Linux: Check driver/firmware version in system logsVerify Fix Applied:
Verify firmware/driver version matches patched versions from manufacturer📡 Detection & Monitoring
Log Indicators:
- Wi-Fi driver crashes
- Unexpected beacon frame processing errors
- Connection resets
Network Indicators:
- Unusual beacon frame patterns
- Excessive malformed management frames
SIEM Query:
Search for Wi-Fi driver crash events or beacon frame anomalies in wireless logs