CVE-2023-33112

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 2, 2024
Updated: Apr 12, 2024
CWE ID 126

Summary

CVE-2023-33112 refers to a Transient Denial of Service (DoS) vulnerability affecting WLAN firmware. The issue arises when the firmware receives a maliciously crafted "reassoc response" frame containing a RIC_DATA element. Upon processing this frame, the firmware becomes unresponsive, leading to a temporary DoS condition. Attackers can exploit this vulnerability by sending specially crafted frames to the affected device, causing it to become unresponsive and denying legitimate network access to users. This issue necessitates immediate patching to prevent potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share