An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).
References
Link | Resource |
---|---|
https://github.com/ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B | Exploit Third Party Advisory |
https://www.nokia.com/notices/responsible-disclosure/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Sep 2022, 14:05
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B - Exploit, Third Party Advisory | |
References | (MISC) https://www.nokia.com/notices/responsible-disclosure/ - Vendor Advisory | |
First Time |
Nokia
Nokia fastmile 5g Receiver Firmware Nokia fastmile 5g Receiver |
|
CWE | NVD-CWE-Other | |
CPE | cpe:2.3:o:nokia:fastmile_5g_receiver_firmware:1.2104.00.0281:*:*:*:*:*:*:* cpe:2.3:h:nokia:fastmile_5g_receiver:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
15 Sep 2022, 12:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-15 12:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-38788
Mitre link : CVE-2022-38788
CVE.ORG link : CVE-2022-38788
JSON object : View
Products Affected
nokia
- fastmile_5g_receiver
- fastmile_5g_receiver_firmware
CWE