CVE-2022-38788
First published: Thu Sep 15 2022(Updated: )
An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| =1.2104.00.0281 | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID is CVE-2022-38788.
What is the severity rating of CVE-2022-38788?
The severity rating of CVE-2022-38788 is medium with a score of 4.3.
What is the affected software and version?
The affected software and version is Nokia FastMile 5G Receiver Firmware 1.2104.00.0281.
How does the vulnerability in Nokia FastMile 5G Receiver work?
The vulnerability allows an attacker to passively intercept a pairing handshake and retrieve the PIN and LTK (long-term key) through outdated Bluetooth pairing mechanisms.
Is there a fix available for this vulnerability?
Please refer to the official Nokia website (https://www.nokia.com/notices/responsible-disclosure/) for information on any available fixes or patches.
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/nokia