CVE-2025-47902

UNKNOWN 0.0

SQL Injection in web resource

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

9th

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5.

CWE	CWE-89
Vendor	microchip
Product	time provider 4100
Published	Oct 20, 2025
Last Updated	Mar 31, 2026

Stay Ahead of the Next One

Get instant alerts for microchip time provider 4100

Be the first to know when new unknown vulnerabilities affecting microchip time provider 4100 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Microchip / Time Provider 4100

0 < 2.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

microchip.com: https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-remote-sql-command-injection-47902 gruppotim.it: https://www.gruppotim.it/en/footer/TIM-red-team.html

Credits

Dario Emilio Bertani Raffaele Bova Andrea Sindoni Simone Bossi Antonio Carriero Marco Manieri Vito Pistillo Davide Renna Manuel Leone Massimiliano Brolli 🔍 TIM Security Red Team Research (TIM S.p.A)