CVE-2022-38788

An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
nokiafastmile_5g_receiver_firmware
1.2104.00.0281
𝑥
= Vulnerable software versions
References
https://github.com/ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B
https://www.nokia.com/notices/responsible-disclosure/
https://github.com/ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B
https://www.nokia.com/notices/responsible-disclosure/