CVE-2024-33073

high-risk

Published 2024-10-07

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

Do I need to act?

0.12% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.2/10 High

NETWORK / LOW complexity

Wsa8845H Firmware

Wsa8845 Firmware

Wsa8840 Firmware

Wsa8835 Firmware

Wsa8832 Firmware

Wsa8830 Firmware

Wcd9395 Firmware

Wcd9390 Firmware

Wcd9385 Firmware

Wcd9380 Firmware

Wcd9375 Firmware

Wcd9370 Firmware

Wcd9340 Firmware

Sxr2250P Firmware

Sxr2230P Firmware

Sxr1230P Firmware

Ssg2125P Firmware

Ssg2115P Firmware

Srv1M Firmware

Srv1L Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-...

/ 100

high-risk

Severity 28/34 · Critical

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical