CVE-2024-45558
Published: 06 January 2025
Summary
CVE-2024-45558 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 45.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2024-45558 is a vulnerability in a Qualcomm driver that enables a transient denial-of-service (DoS) condition. It arises when the driver parses the per-station (STA) profile Information Element (IE) and attempts to access the EXTN element ID without first validating the IE length, resulting in a buffer over-read. This issue maps to CWE-126 (Buffer Over-read) and CWE-125 (Out-of-bounds Read), with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high-impact availability disruption without confidentiality or integrity effects.
A remote, unauthenticated attacker can exploit this vulnerability by crafting and transmitting a malicious per-STA profile IE to a vulnerable device. Successful exploitation triggers the unsafe access during IE parsing, causing a transient DoS that disrupts the affected driver's functionality, such as Wi-Fi connectivity, without requiring user interaction or privileges.
Qualcomm's January 2025 security bulletin provides details on affected products and recommended mitigations, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html.
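The length validation whose absence is described above, shown as an added example of a bounds-checked element walk. This is not Qualcomm's driver code; the function name, return codes and sample buffers are assumptions constructed for illustration, and 255 is the standard 802.11 Element ID for extension elements.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EID_EXTENSION 255               /* 802.11 Element ID: extension element */
enum { IE_NOT_FOUND = -1, IE_MALFORMED = -2 };   /* hypothetical result codes */

/* Constructed sample per-STA profile bodies (not captured traffic). */
static const uint8_t sample_ok[]       = {0x01, 0x02, 0x82, 0x84, 0xff, 0x03, 0x23, 0x01, 0x02};
static const uint8_t sample_zero_ext[] = {0x01, 0x02, 0x82, 0x84, 0xff, 0x00};
static const uint8_t sample_trunc[]    = {0xff, 0x05, 0x23};

/*
 * Walk the ID/length/body elements in buf and return the offset of the first
 * extension element whose extension ID equals want_ext. Returns IE_NOT_FOUND
 * if none matches, or IE_MALFORMED as soon as a length does not fit.
 */
int find_ext_element(const uint8_t *buf, size_t len, uint8_t want_ext)
{
    size_t off = 0;

    while (off < len) {
        /* Both header bytes (ID, length) must be present before reading them. */
        if (len - off < 2)
            return IE_MALFORMED;
        uint8_t id = buf[off];
        uint8_t elen = buf[off + 1];

        /* The declared body must fit inside the bytes actually received. */
        if (elen > len - off - 2)
            return IE_MALFORMED;

        if (id == EID_EXTENSION) {
            /* The extension ID is the first body byte, so the body needs at
             * least one byte. Omitting this check reads past the element. */
            if (elen < 1)
                return IE_MALFORMED;
            if (buf[off + 2] == want_ext)
                return (int)off;
        }
        off += 2 + (size_t)elen;
    }
    return IE_NOT_FOUND;
}

int main(void)
{
    printf("ok=%d zero=%d trunc=%d\n",
           find_ext_element(sample_ok, sizeof sample_ok, 0x23),
           find_ext_element(sample_zero_ext, sizeof sample_zero_ext, 0x23),
           find_ext_element(sample_trunc, sizeof sample_trunc, 0x23));
    return 0;
}
```

In `sample_zero_ext` the extension element is the last two bytes of the buffer, so an unchecked read of its extension ID would land one byte past the end.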
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-41266
Vulnerability details
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer over-read in network packet parsing directly enables remote unauthenticated DoS via crafted IE, mapping to application/system exploitation for endpoint denial of service.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly mitigates the buffer over-read vulnerability by requiring timely application of Qualcomm vendor patches to remediate the missing IE length check in the driver.
Requires validation of per-STA profile IE lengths prior to accessing the EXTN element ID, preventing buffer over-reads from malformed wireless inputs.
Protects against the transient DoS effects of the vulnerability by implementing mechanisms to limit availability disruptions from crafted malicious IEs.