CVE-2024-23364

high-risk

Published 2024-09-02

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).

Do I need to act?

0.23% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

Ar8035 Firmware

Fastconnect 6200 Firmware

Fastconnect 6700 Firmware

Fastconnect 6800 Firmware

Fastconnect 6900 Firmware

Qca6777Aq Firmware

Qca6787Aq Firmware

Qca6797Aq Firmware

Qca8075 Firmware

Qca8081 Firmware

Qca8082 Firmware

Qca8084 Firmware

Qca8085 Firmware

Qca8337 Firmware

Qca8386 Firmware

Qcc2073 Firmware

Qcc2076 Firmware

Qcc710 Firmware

Qcf8000 Firmware

Qcf8001 Firmware

Affected Vendors

Qualcomm

References (1)

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/september-202...

/ 100

high-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical