24 matches found
CVE-2025-9497
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
EUVD-2025-209112
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
CVE-2025-9497
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
CVE-2025-9497 Hardcoded Upgrade Decryption Passwords
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
CVE-2025-9497
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
CVE-2025-9497
The CVE-2025-9497 entry concerns Microchip Time Provider 4100 (before 2.5.0) with a hard-coded upgrade decryption password vulnerability that enables a malicious manual software update. The affected component is the upgrade/decryption mechanism, due to hard-coded credentials, which can be exploit...
CVE-2025-9497 Hardcoded Upgrade Decryption Passwords
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
PT-2026-28307
Name of the Vulnerable Software and Affected Versions Microchip Time Provider 4100 versions prior to 2.5.0 Description A use of hard-coded credentials issue exists in Microchip Time Provider 4100, potentially allowing for malicious manual software updates. Recommendations Update Microchip Time...
CVE-2025-47904
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47904 Unsigned upgrade package
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47904 Unsigned upgrade package
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
Microchip Time Provider 4100 安全漏洞
Microchip Time Provider 4100 is a precision time gateway developed by the American company Microchip. Versions prior to 2.5 of Microchip Time Provider 4100 contained security vulnerabilities. These vulnerabilities stemmed from the lack of integrity checks during code downloads, which could lead t...
CVE-2025-47900
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47902
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47900
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47901
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47902 SQL Injection in web resource
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5...
EUVD-2025-35090
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47901
Microchip Time Provider 4100 devices are affected by an OS Command Injection due to improper neutralization of special elements. The issue affects Time Provider 4100: before 2.5. The CVSS data indicates remote exploitation over the network with low privileges and no user interaction. Exploitation...
CVE-2025-47901 RCE on restore configuration password
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5...