CVE-2025-2185

ALBEDO Telecom Net.Time - PTP/NTP Clock Insufficient Session Expiration

CVSS 8.5 HIGHEPSS 0.3%CWE-613

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 8.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

24 abr 2025Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Productos afectados

ALBEDO Telecom · Net.Time - PTP/NTP clock (Serial No. NBC0081P)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.albedotelecom.com/contactus.php https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-02