CVE-2024-45558

Q: What is the severity of CVE-2024-45558?

CVE-2024-45558 has a CVSS score of 7.5 (HIGH). This vulnerability in Qualcomm Wi-Fi drivers allows attackers to cause a denial-of-service (DoS) condition by sending specially crafted packets. The driver fails to properly validate the length of per-STA profile information elements before accessing extended element IDs, leading to system crashes. This affects devices using vulnerable Qualcomm Wi-Fi chipsets.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in Qualcomm Wi-Fi drivers allows attackers to cause a denial-of-service (DoS) condition by sending specially crafted packets. The driver fails to properly validate the length of per-STA profile information elements before accessing extended element IDs, leading to system crashes. This affects devices using vulnerable Qualcomm Wi-Fi chipsets.

💻 Affected Systems

Products:

Qualcomm Wi-Fi chipsets and associated drivers

Versions: Specific versions not publicly detailed; refer to Qualcomm January 2025 security bulletin

Operating Systems: Android, Linux, and other OS using Qualcomm Wi-Fi drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Devices must have Wi-Fi enabled and be within range of attacker. Enterprise access points and mobile devices are primary targets.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash requiring reboot, potentially disrupting critical services on affected devices

🟠

Likely Case

Temporary Wi-Fi disconnection and system instability requiring manual intervention to restore functionality

🟢

If Mitigated

Minimal impact with proper network segmentation and intrusion prevention systems blocking malicious packets

🌐 Internet-Facing: MEDIUM - Attackers can exploit remotely if device has Wi-Fi enabled and is reachable

🏢 Internal Only: MEDIUM - Internal attackers or compromised devices on same network could trigger the vulnerability

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting specific malformed Wi-Fi packets. No authentication needed if device is within Wi-Fi range.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm January 2025 security bulletin for specific patched driver versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates. 2. Apply Qualcomm-provided driver updates. 3. Reboot device after patching. 4. Verify Wi-Fi functionality post-update.

🔧 Temporary Workarounds

Disable Wi-Fi when not needed

all

Turn off Wi-Fi radios on critical devices when wireless connectivity is not required

Implement network segmentation

all

Isolate Wi-Fi networks from critical infrastructure using VLANs and firewalls

🧯 If You Can't Patch

Deploy intrusion prevention systems to detect and block malformed Wi-Fi packets
Implement strict network access controls to limit Wi-Fi exposure to trusted devices only

🔍 How to Verify

Check if Vulnerable:

Check device specifications against Qualcomm's affected products list in January 2025 bulletin

Check Version:

Device-specific commands vary; generally check Wi-Fi driver version in system settings or via 'dmesg | grep -i qualcomm' on Linux systems

Verify Fix Applied:

Verify driver version matches patched versions listed in Qualcomm advisory and test Wi-Fi connectivity

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Wi-Fi driver crash messages
Unexpected system reboots

Network Indicators:

Unusual Wi-Fi disconnection patterns
Malformed 802.11 packets in network captures

SIEM Query:

source="kernel" AND ("panic" OR "crash") AND ("wifi" OR "qualcomm")

📊 Metadata

CVE ID: CVE-2024-45558

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-126

EPSS Score: 0.27% exploit probability (50.1th percentile)

Published: January 6, 2025

Last Updated: August 11, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Immersive Home 214 Firmware by Qualcomm

Immersive Home 216 Firmware by Qualcomm

Immersive Home 316 Firmware by Qualcomm

Immersive Home 318 Firmware by Qualcomm

Immersive Home 3210 Firmware by Qualcomm

Immersive Home 326 Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq5300 Firmware by Qualcomm

Ipq5302 Firmware by Qualcomm

Ipq5312 Firmware by Qualcomm

Ipq5332 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Ipq9008 Firmware by Qualcomm

Ipq9048 Firmware by Qualcomm

Ipq9554 Firmware by Qualcomm

Ipq9570 Firmware by Qualcomm

Ipq9574 Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8620p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca0000 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6554a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6777aq Firmware by Qualcomm

Qca6787aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8082 Firmware by Qualcomm

Qca8084 Firmware by Qualcomm

Qca8085 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca8386 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qcc2073 Firmware by Qualcomm

Qcc2076 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcf8000 Firmware by Qualcomm

Qcf8000sfp Firmware by Qualcomm

Qcf8001 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm