Tandf

**Name of the Vulnerable Software and Affected Versions** ntpd driver component versions prior to 1.3.0 ntpd driver component 2.x versions prior to 2.2.0 **Description** The issue allows attackers who control the source code of a different node in the same ROS application to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled `time ref topic` parameter. **Recommendations** For ntpd driver component versions prior to 1.3.0, update to version 1.3.0 or later. For ntpd driver component 2.x versions prior to 2.2.0, update to version 2.2.0 or later. As a temporary workaround, consider restricting access to the `time ref topic` parameter to minimize the risk of exploitation.