CVE-2025-2185HIGH 8.0EPSS p18.1%

CVE-2025-2185CVE-2025-2185

Description

ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception.

Scoring

CVSS 3.18.0 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS0.27% probability of exploitation · percentile 18.1% · 2026-06-19T12:03:05Z
Published2025-04-25
Last modified2026-04-15

Underlying weaknesses· 1

CWE-613

References

  1. https://www.albedotelecom.com/contactus.php
  2. https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-02

1

TypeTargetConfidenceTier
WeaknessInsufficient Session Expirationcwe-6130%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-64091
CVE
CVE-2026-1740
CVE
CVE-2025-50258
CVE
CVE-2025-22495
CVE
CVE-2025-8160
CVE
CVE-2025-28034
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.