CVE-2025-47904

UNKNOWN 0.0

Unsigned upgrade package

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.

CWE	CWE-494
Vendor	microchip
Product	time provider 4100
Published	Feb 24, 2026
Last Updated	Mar 31, 2026

Stay Ahead of the Next One

Get instant alerts for microchip time provider 4100

Be the first to know when new unknown vulnerabilities affecting microchip time provider 4100 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Microchip / Time Provider 4100

0 < 2.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

microchip.com: https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-unsigned-upgrade-vulnerability gruppotim.it: https://www.gruppotim.it/en/footer/TIM-red-team.html

Credits

Dario Emilio Bertani Raffaele Bova Andrea Sindoni Simone Bossi Antonio Carriero Marco Manieri Vito Pistillo Davide Renna Manuel Leone Massimiliano Brolli 🔍 TIM Security Red Team Research (TIM S.p.A)