CVE-2025-2185
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ALBEDO Telecom | Net.Time - PTP/NTP clock (Serial No. NBC0081P) | 1.4.4 | affected |
Weaknesses
- CWE-613: CWE-613 Insufficient Session Expiration
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-02
- https://www.albedotelecom.com/contactus.php
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.