Cyber Resilience

CVE-2024-45558

High

Published: 06 January 2025

Modified: 11 August 2025
KEV Added
Patch
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0031 (54.8th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-45558 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 45.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2024-45558 is a vulnerability in a Qualcomm driver that enables a transient denial-of-service (DoS) condition. It arises when the driver parses the per-station (STA) profile Information Element (IE) and attempts to access the EXTN element ID without first validating the IE length, resulting in a buffer over-read. This issue maps to CWE-126 (Buffer Over-read) and CWE-125 (Out-of-bounds Read), with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high-impact availability disruption without confidentiality or integrity effects.
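The length check whose absence is described above, as an added C example. It is not Qualcomm's driver code: the function names, status codes and the sample extension ID 0x2A are assumptions, and the layout is the standard IEEE 802.11 element (1-byte ID, 1-byte Length, body).

```c
#include <stddef.h>
#include <stdint.h>

#define EID_EXTENSION 255 /* IEEE 802.11: body[0] of this element is the extension ID */

enum ie_status { IE_OK = 0, IE_NOT_EXT = 1, IE_MALFORMED = -1 };

/* Bug class from the description (illustrative, not vendor code): the
 * extension ID is read at offset 2 with no proof that the byte exists. */
uint8_t ext_id_unchecked(const uint8_t *ie) { return ie[2]; }

/* Hardened accessor: validate the header and declared length first. */
int ie_get_ext_id(const uint8_t *ie, size_t avail, uint8_t *ext_id)
{
    if (ie == NULL || ext_id == NULL || avail < 2)
        return IE_MALFORMED;            /* no room for ID + Length */
    if ((size_t)ie[1] > avail - 2)
        return IE_MALFORMED;            /* declared body overruns the buffer */
    if (ie[0] != EID_EXTENSION)
        return IE_NOT_EXT;
    if (ie[1] < 1)
        return IE_MALFORMED;            /* extension element with empty body */
    *ext_id = ie[2];
    return IE_OK;
}

/* Walk back-to-back elements (such as a profile body) looking for one
 * extension ID. Returns its offset, -1 if absent, -2 if any element is
 * malformed, in which case the caller should discard the whole frame. */
long find_ext_element(const uint8_t *buf, size_t len, uint8_t want)
{
    size_t off = 0;
    while (off < len) {
        uint8_t id = 0;
        int st = ie_get_ext_id(buf + off, len - off, &id);
        if (st == IE_MALFORMED) return -2;
        if (st == IE_OK && id == want) return (long)off;
        off += 2u + buf[off + 1];       /* safe: length validated above */
    }
    return -1;
}

int main(void)
{
    /* Constructed sample: one ordinary element, then extension ID 0x2A. */
    const uint8_t body[] = { 0, 2, 'a', 'b', 255, 3, 0x2A, 1, 2 };
    return find_ext_element(body, sizeof body, 0x2A) == 4 ? 0 : 1;
}
```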

A remote, unauthenticated attacker can exploit this vulnerability by crafting and transmitting a malicious per-STA profile IE to a vulnerable device. Successful exploitation triggers the unsafe access during IE parsing, causing a transient DoS that disrupts the affected driver's functionality, such as Wi-Fi connectivity, without requiring user interaction or privileges.

Qualcomm's January 2025 security bulletin provides details on affected products and recommended mitigations, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html.

Vulnerability details

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Buffer over-read in network packet parsing directly enables remote unauthenticated DoS via crafted IE, mapping to application/system exploitation for endpoint denial of service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-49839 · Same product: Qualcomm Ar8035
CVE-2024-45569 · Same product: Qualcomm Ar8035
CVE-2024-38404 · Same product: Qualcomm Ar8035
CVE-2026-21367 · Same product: Qualcomm Ar8035
CVE-2026-21381 · Same product: Qualcomm Ar8035
CVE-2024-49838 · Same product: Qualcomm Ar8035
CVE-2024-53027 · Same product: Qualcomm Ar8035
CVE-2024-45571 · Same product: Qualcomm Ar8035
CVE-2025-21427 · Same product: Qualcomm Fastconnect 6700
CVE-2024-45546 · Same product: Qualcomm Fastconnect 6900

Affected Assets

qualcomm · ar8035 firmware · all versions
qualcomm · csr8811 firmware · all versions
qualcomm · fastconnect 6700 firmware · all versions
qualcomm · fastconnect 6900 firmware · all versions
qualcomm · fastconnect 7800 firmware · all versions
qualcomm · immersive home 214 firmware · all versions
qualcomm · immersive home 216 firmware · all versions
qualcomm · immersive home 316 firmware · all versions
qualcomm · immersive home 318 firmware · all versions
qualcomm · immersive home 3210 firmware · all versions
+173 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the buffer over-read vulnerability by requiring timely application of Qualcomm vendor patches to remediate the unsafe IE length check in the driver.

prevent

Requires validation of per-STA profile IE lengths prior to accessing the EXTN element ID, preventing buffer over-reads from malformed wireless inputs.

prevent

Protects against the transient DoS effects of the vulnerability by implementing mechanisms to limit availability disruptions from crafted malicious IEs.
