CPSEC-425 Vulnerability Alert | Cradlepoint

New NetCloud SASE service simplifies zero trust security and traffic optimization Learn more

CPSEC-425 Vulnerability Alert

2021-05-28 15:34:17

SUMMARY:

Cradlepoint's MC20BT, Bluetooth^® wireless technology Low Energy 5.1 Module, was released January 2021 and is compatible with E3000 and E300 Enterprise Branch routers. The MC20BT is vulnerable to CVE-2020-26558 (patched in NCOS version 7.21.40) and VU#799380.5 (patched in NCOS version 7.21.20).

Public Disclosure: https://kb.cert.org/vuls/id/799380

Recommendations:

If you are using the MC20BT with an Enterprise series router, Cradlepoint recommends upgrading to NCOS version 7.21.40 or higher. For more information regarding upgrading your Cradlepoint device, visit our knowledgebase: https://docs.cradlepoint.com/r/Best-Practice-Updating-Router-NCOS-and-Modem-Firmware