cvedb.io
CVE-2024-9054
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2024-10-04T20:15:07.587 · Last modified 2026-06-17T08:23:51.863

Summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.

Affected products

microchip — timeprovider_4100_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when microchip ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.