CVE-2024-33068

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 4, 2024

Updated: Nov 7, 2024

CWE ID 416

Summary

CVE-2024-33068 is a newly disclosed vulnerability that affects wireless networking equipment. The issue arises when parsing fragments of MBSSID Information Element (IE) from beacon frames. An attacker can exploit this vulnerability to cause a Transient Denial of Service (DoS) condition. The MBSSID IE is used to identify the Basic Service Set (BSS) in IEEE 802.11 networks, and the vulnerable parsing process allows an attacker to trigger a denial of service condition by sending specially crafted beacon frames. Network administrators are advised to apply patches or updates to affected equipment as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database