7.5
HIGH
CVE-2023-33105
Intel Wireless LAN Receiving Denial of Service Vulnerability
Description

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.

INFO

Published Date :

March 4, 2024, 11:15 a.m.

Last Modified :

Nov. 21, 2024, 8:04 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2023-33105 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-33105 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Qualcomm qca6391_firmware
2 Qualcomm wcd9380_firmware
3 Qualcomm wcd9385_firmware
4 Qualcomm wcn3980_firmware
5 Qualcomm wsa8810_firmware
6 Qualcomm wsa8815_firmware
7 Qualcomm wsa8830_firmware
8 Qualcomm wsa8835_firmware
9 Qualcomm ar8035_firmware
10 Qualcomm ar9380_firmware
11 Qualcomm csr8811_firmware
12 Qualcomm flight_rb5_5g_platform_firmware
13 Qualcomm immersive_home_214_platform_firmware
14 Qualcomm immersive_home_216_platform_firmware
15 Qualcomm immersive_home_316_platform_firmware
16 Qualcomm immersive_home_318_platform_firmware
17 Qualcomm ipq4018_firmware
18 Qualcomm ipq4028_firmware
19 Qualcomm ipq4029_firmware
20 Qualcomm ipq5010_firmware
21 Qualcomm ipq5028_firmware
22 Qualcomm ipq6000_firmware
23 Qualcomm ipq6010_firmware
24 Qualcomm ipq6018_firmware
25 Qualcomm ipq6028_firmware
26 Qualcomm ipq8064_firmware
27 Qualcomm ipq8065_firmware
28 Qualcomm ipq8068_firmware
29 Qualcomm ipq8070_firmware
30 Qualcomm ipq8070a_firmware
31 Qualcomm ipq8071_firmware
32 Qualcomm ipq8071a_firmware
33 Qualcomm ipq8072_firmware
34 Qualcomm ipq8072a_firmware
35 Qualcomm ipq8074_firmware
36 Qualcomm ipq8074a_firmware
37 Qualcomm ipq8076_firmware
38 Qualcomm ipq8076a_firmware
39 Qualcomm ipq8078_firmware
40 Qualcomm ipq8078a_firmware
41 Qualcomm ipq8173_firmware
42 Qualcomm ipq8174_firmware
43 Qualcomm ipq9008_firmware
44 Qualcomm ipq9574_firmware
45 Qualcomm pmp8074_firmware
46 Qualcomm qca4024_firmware
47 Qualcomm qca6428_firmware
48 Qualcomm qca6438_firmware
49 Qualcomm qca8072_firmware
50 Qualcomm qca8075_firmware
51 Qualcomm qca8081_firmware
52 Qualcomm qca8082_firmware
53 Qualcomm qca8084_firmware
54 Qualcomm qca8085_firmware
55 Qualcomm qca8337_firmware
56 Qualcomm qca8386_firmware
57 Qualcomm qca9886_firmware
58 Qualcomm qca9888_firmware
59 Qualcomm qca9889_firmware
60 Qualcomm qca9898_firmware
61 Qualcomm qca9980_firmware
62 Qualcomm qca9984_firmware
63 Qualcomm qca9985_firmware
64 Qualcomm qca9986_firmware
65 Qualcomm qca9990_firmware
66 Qualcomm qca9992_firmware
67 Qualcomm qca9994_firmware
68 Qualcomm qcm4490_firmware
69 Qualcomm qcn5021_firmware
70 Qualcomm qcn5022_firmware
71 Qualcomm qcn5024_firmware
72 Qualcomm qcn5052_firmware
73 Qualcomm qcn5054_firmware
74 Qualcomm qcn5122_firmware
75 Qualcomm qcn5124_firmware
76 Qualcomm qcn5152_firmware
77 Qualcomm qcn5154_firmware
78 Qualcomm qcn5164_firmware
79 Qualcomm qcn6023_firmware
80 Qualcomm qcn6024_firmware
81 Qualcomm qcn6100_firmware
82 Qualcomm qcn6102_firmware
83 Qualcomm qcn6112_firmware
84 Qualcomm qcn6122_firmware
85 Qualcomm qcn6132_firmware
86 Qualcomm qcn9000_firmware
87 Qualcomm qcn9001_firmware
88 Qualcomm qcn9002_firmware
89 Qualcomm qcn9003_firmware
90 Qualcomm qcn9011_firmware
91 Qualcomm qcn9012_firmware
92 Qualcomm qcn9022_firmware
93 Qualcomm qcn9024_firmware
94 Qualcomm qcn9070_firmware
95 Qualcomm qcn9072_firmware
96 Qualcomm qcn9074_firmware
97 Qualcomm qcn9100_firmware
98 Qualcomm qcn9274_firmware
99 Qualcomm qcs4490_firmware
100 Qualcomm qrb5165m_firmware
101 Qualcomm qrb5165n_firmware
102 Qualcomm sdx55_firmware
103 Qualcomm snapdragon_x65_5g_modem-rf_system_firmware
104 Qualcomm wcd9340_firmware
105 Qualcomm wcd9370_firmware
106 Qualcomm wcn3950_firmware
107 Qualcomm wsa8832_firmware
108 Qualcomm sdx65m_firmware
109 Qualcomm fastconnect_6900_firmware
110 Qualcomm fastconnect_7800_firmware
111 Qualcomm fastconnect_6700_firmware
112 Qualcomm ipq4019_firmware
113 Qualcomm qca7500_firmware
114 Qualcomm qca9880_firmware
115 Qualcomm qcn5064_firmware
116 Qualcomm qcn5550_firmware
117 Qualcomm ipq6005_firmware
118 Qualcomm qcn5121_firmware
119 Qualcomm qca0000_firmware
120 Qualcomm qcs8550_firmware
121 Qualcomm qcc710_firmware
122 Qualcomm robotics_rb5_platform_firmware
123 Qualcomm immersive_home_3210_platform_firmware
124 Qualcomm immersive_home_326_platform_firmware
125 Qualcomm ipq9554_firmware
126 Qualcomm ipq9570_firmware
127 Qualcomm qcn9013_firmware
128 Qualcomm wcd9390_firmware
129 Qualcomm wcd9395_firmware
130 Qualcomm wsa8840_firmware
131 Qualcomm wsa8845_firmware
132 Qualcomm wsa8845h_firmware
133 Qualcomm sg8275p_firmware
134 Qualcomm ipq5332_firmware
135 Qualcomm qcf8001_firmware
136 Qualcomm qcn6224_firmware
137 Qualcomm qcn6274_firmware
138 Qualcomm qfw7114_firmware
139 Qualcomm qfw7124_firmware
140 Qualcomm snapdragon_x75_5g_modem-rf_system_firmware
141 Qualcomm sc8380xp_firmware
142 Qualcomm qcf8000_firmware
143 Qualcomm snapdragon_8_gen_3_mobile_platform_firmware
144 Qualcomm ipq5302_firmware
145 Qualcomm ipq5312_firmware
146 Qualcomm qcn6402_firmware
147 Qualcomm qcn6412_firmware
148 Qualcomm qcn6422_firmware
149 Qualcomm qcn6432_firmware
: Total Affected Vendor : 1 | Products : 149
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-33105.

URL Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin
https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware

This repository contains the exploit code for CVE-2023-33105, a vulnerability identified in Qualcomm devices. The exploit leverages authentication frames to perform a denial of service (DoS) attack on a target access point (AP) by sending a large number of open authentication frames with an invalid transaction sequence number.

Python

Updated: 6 months, 1 week ago
2 stars 0 fork 0 watcher
Born at : June 10, 2024, 5:20 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-33105 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-33105 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Apr. 12, 2024

    Action Type Old Value New Value
    Added CWE Qualcomm, Inc. CWE-16
  • CVE Received by [email protected]

    Mar. 04, 2024

    Action Type Old Value New Value
    Added Description Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
    Added Reference Qualcomm, Inc. https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin [No types assigned]
    Added CVSS V3.1 Qualcomm, Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-33105 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-33105 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: