CVE-2025-2185

HIGH

ALBEDO Telecom Net.Time - PTP/NTP clock <1.4.4 - Info Disclosure

Title source: llm

Description

ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception.

References (2)

[Various Sources] https://www.albedotelecom.com/contactus.php

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-02

Scores

CVSS v3 8.0

EPSS 0.0020

EPSS Percentile 41.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-613

Status published

Products (1)

ALBEDO Telecom/Net.Time - PTP/NTP clock (Serial No. NBC0081P) 1.4.4

Published Apr 25, 2025

Tracked Since Feb 18, 2026