Description
A low privileged user can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes some functions to work unexpected or stop working at all. Both during runtime and after a restart.
Reserved 2024-12-19 | Published 2025-04-16 | Updated 2025-04-16 | Assigner
CERTVDEMEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Problem types
CWE-190 Integer Overflow or Wraparound
Product status
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 3.10.11
affected
Default status
unaffected
Any version before 03.10.11
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 3.10.11
affected
Default status
unaffected
Any version before 03.10.11
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Default status
unaffected
Any version before 04.07.01
affected
Credits
Marcus Kramhöller from Noris Automatio GmbH finder
References
cert.vde.com/en/advisories/VDE-2025-007
cve.org (CVE-2025-0101)
nvd.nist.gov (CVE-2025-0101)
Download JSON