CPSEC-425 Vulnerability Alert
Cradlepoint's MC20BT, Bluetooth® wireless technology Low Energy 5.1 Module, was released January 2021 and is compatible with E3000 and E300 Enterprise Branch routers. The MC20BT is vulnerable to CVE-2020-26558 (patched in NCOS version 7.21.40) and VU#799380.5 (patched in NCOS version 7.21.20).
Public Disclosure: https://kb.cert.org/vuls/id/799380
If you are using the MC20BT with an Enterprise series router, Cradlepoint recommends upgrading to NCOS version 7.21.40 or higher. For more information regarding upgrading your Cradlepoint device, visit our knowledgebase: https://customer.cradlepoint.com/s/article/Best-Practice-Stairstepping-NCOS-Upgrades