ALBEDO Telecom Net.Time - PTP/NTP clock

Plan PatchCVSS 8ICS-CERT ICSA-25-114-02Apr 24, 2025

Attack path

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionRequired

Summary

ALBEDO Net.Time PTP/NTP clock software version 1.4.4 transmits passwords over unencrypted connections, making them vulnerable to interception on the local network. An attacker who obtains credentials this way could access the device's management interface and modify synchronization settings, network configuration, or operational parameters. The vulnerability is rooted in the failure to encrypt authentication traffic (CWE-613: Improper Validation of Unlisted Inputs).

What this means

What could happen

An attacker with network access to the Net.Time clock could intercept unencrypted password transmissions, potentially gaining administrative access to alter timing configurations that synchronize your SCADA, HMI, and process control systems. Loss of accurate time synchronization can disrupt automated operations, cause log inconsistencies, and prevent proper alarm sequencing.

Who's at risk

Water utilities and electric utilities using ALBEDO Net.Time PTP/NTP clocks for master time synchronization of SCADA systems, RTUs, and process historians. Facilities relying on the device for log timestamp accuracy and alarm sequencing are most impacted. This affects any organization where timing precision is critical to operational safety or compliance logging.

How it could be exploited

An attacker on the same network or with network visibility to the Net.Time device captures unencrypted credentials being transmitted during password entry or authentication. With these credentials, the attacker logs in to the device's management interface and modifies timing settings, network parameters, or synchronization behavior to disrupt dependent systems.

Prerequisites

Network access to the Net.Time device (same subnet or routable network)
Valid user credentials (obtained through password interception or other means)
Ability to reach the device's management interface (typically web UI or direct connection)

remotely exploitableunencrypted credentials transmissionrequires valid credentials but credentials easily interceptedaffects critical timing infrastructuremedium EPSS score

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (1)

ProductAffected VersionsFix Status

Net.Time - PTP/NTP clock (Serial No. NBC0081P): Software__1.4.4Software 1.4.4v1.6.1

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDRestrict network access to the Net.Time management interface using firewall rules (e.g., only allow access from authorized engineering workstations or operator networks)

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Net.Time software from version 1.4.4 to version 1.6.1 or later

Long-term hardening

0/2

HARDENINGIsolate the Net.Time clock on a dedicated timekeeping network segment separate from general SCADA/control systems until patched

HARDENINGEnsure all management connections to Net.Time occur over encrypted channels (HTTPS, SSH) if supported by firmware

CVEs (1)

CVE-2025-2185

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/92305b25-cfb3-473f-9ddc-01d660806185

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.