CVE-2022-38788

Name of the Vulnerable Software and Affected Versions Nokia FastMile 5G Receiver 5G14-B version 1.2104.00.0281

Description An issue was discovered in the Bluetooth pairing mechanism of the Nokia ODU, which uses outdated pairing mechanisms. This allows an attacker to passively intercept a pairing handshake and, after offline cracking, retrieve the PIN and long-term key (LTK).

Recommendations For Nokia FastMile 5G Receiver 5G14-B version 1.2104.00.0281, consider disabling Bluetooth until a patch or update is available to address the outdated pairing mechanisms. Restrict access to the Bluetooth functionality to minimize the risk of exploitation. Avoid using the device's Bluetooth feature for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.