{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-9054","assignerOrgId":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","state":"PUBLISHED","assignerShortName":"Microchip","dateReserved":"2024-09-20T18:55:57.827Z","datePublished":"2024-10-04T19:42:44.129Z","dateUpdated":"2025-08-29T20:24:45.480Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["Configuration"],"product":"TimeProvider 4100","vendor":"Microchip","versions":[{"lessThan":"2.4.7","status":"affected","version":"1.0","versionType":"firmware"}]}],"credits":[{"lang":"en","type":"finder","value":"Armando Huesca Prida"},{"lang":"en","type":"finder","value":"Marco Negro"},{"lang":"en","type":"finder","value":"Antonio Carriero"},{"lang":"en","type":"finder","value":"Vito Pistillo"},{"lang":"en","type":"finder","value":"Davide Renna"},{"lang":"en","type":"finder","value":"Manuel Leone"},{"lang":"en","type":"finder","value":"Massimiliano Brolli"},{"lang":"en","type":"reporter","value":"TIM Security Red Team Research"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.<p>This issue affects TimeProvider 4100: from 1.0 before 2.4.7.</p>"}],"value":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7."}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 Command Injection"}]}],"metrics":[{"cvssV4_0":{"Automatable":"YES","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.5,"baseSeverity":"HIGH","privilegesRequired":"LOW","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"ACTIVE","valueDensity":"CONCENTRATED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","shortName":"Microchip","dateUpdated":"2025-08-29T20:24:45.480Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-rce-through-configuration-file"},{"tags":["third-party-advisory"],"url":"https://www.gruppotim.it/it/footer/red-team.html"}],"source":{"advisory":"PSIRT-82","discovery":"EXTERNAL"},"timeline":[{"lang":"en","time":"2024-06-27T11:03:00.000Z","value":"Reported"}],"title":"Remote code Execution inTimeProvider® 4100","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div><div>It is important to note that the web interface is only available on a physically separate management port, and these vulnerabilities have no impact on the timing service ports. For added security, users have the option to disable the web interface, further protecting the device from potential web-based exploits.</div></div>\n\n<br>"}],"value":"It is important to note that the web interface is only available on a physically separate management port, and these vulnerabilities have no impact on the timing service ports. For added security, users have the option to disable the web interface, further protecting the device from potential web-based exploits."}],"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"affected":[{"vendor":"microchip","product":"timeprovider_4100_firmware","cpes":["cpe:2.3:o:microchip:timeprovider_4100_firmware:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"2.4.7","versionType":"custom"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-04T21:24:59.715765Z","id":"CVE-2024-9054","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-04T22:16:03.570Z"}}]}}