Main Vulnerability Database SB2025042906

SB2025042906 - Insufficient Session Expiration in ALBEDO Telecom Net.Time - PTP/NTP Clock

Published: April 29, 2025

Security Bulletin ID SB2025042906

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Insufficient Session Expiration (CVE-ID: CVE-2025-2185)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficient session expiration issue. A remote user can transmit passwords over unencrypted connections, leading to the affected product becoming vulnerable to interception.

Remediation

Install update from vendor's website.

References

https://www.albedotelecom.com/contactus.php
https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-02