CVE-2022-31463

Name of the Vulnerable Software and Affected Versions Owl Labs Meeting Owl version 5.2.0.15

Description The issue is related to improper authentication. Specifically, Owl Labs Meeting Owl does not require a password for Bluetooth commands because it only uses client-side authentication.

Recommendations For version 5.2.0.15, consider disabling Bluetooth commands until a patch is available to mitigate the risk of exploitation. Restrict access to Bluetooth functionality to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.