Primary

Context

Microchip Time Provider 4100 OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in Microchip Time Provider 4100 Grandmaster versions prior to 2.5. This vulnerability allows authenticated users to execute arbitrary system commands through the management web interface.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the system.

Remediation

Users are strongly recommended to upgrade to version 2.5 or newer. For added security, the web interface can be disabled or not exposed to untrusted networks.

Added: Oct 20, 2025, 6:22 PM

Updated: Oct 20, 2025, 6:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.1

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.1

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microchip Time Provider 4100 OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating