Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-38788: GitHub - ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B

An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).

CVE
#vulnerability#git#nokia

Nokia-FastMile-5G-Receiver-5G14-B

CVE-2022-38788

AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L (5,5)

[Description]

An issue was discovered in Nokia FastMile 5G Receiver 5G14-B with software version 1.2104.00.0281.

Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).

[Vulnerability Type]

Incorrect Access Control

[Vendor of Product]

Nokia

[Affected Product Code Base]

Nokia FastMile 5G Receiver 5G14-B

Found in Software Version: 1.2104.00.0281

Pathed in: 1.2202.00.0266

[Attack Type Other]

Bluetooth

[Impact Information Disclosure]

true

[Has vendor confirmed or acknowledged the vulnerability?]

true

[Reference]

https://www.nokia.com/notices/responsible-disclosure/

Product page: https://www.nokia.com/networks/products/fastmile-5g-receiver/

[Discoverer]

Daniel Wong

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907