PT-2025-30400 · Microchip · Timeprovider 4100+1
Andrea Sindoni
+8
·
Published
2025-07-22
·
Updated
2026-02-25
·
CVE-2025-47904
CVSS v4.0
5.7
Medium
| Vector | AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
Microchip Time Provider 4100 versions prior to 2.5
Description
A flaw exists in Microchip Time Provider 4100 that permits malicious manual software updates due to a missing integrity check during code download.
Recommendations
Update to version 2.5 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Timeprovider 4100
Timeprovider 4100 Firmware