CVE-2025-47904
Title: Download of Code Without Integrity Check in Microchip Time Provider 4100
Other
Proof Of Concept
No public PoC currently indexed for CVE-2025-47904.
CWE Category
CWE-494
Published Date
Feb 24, 2026
Modified Date
Mar 31, 2026
Exploit Status
Not Found
Score
5.7
CVSS v4.0
Exploit Probability (EPSS)
0.00%
Vulnerability Summary
CVE-2025-47904: Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.
CVSS v4.0
Source Entity
dc3f6da9-85b5-4a73-84a2-2ec90b40fca5
Severity
MEDIUM
5.7
Attack Vector
LOCAL
Complexity
HIGH
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
N/A
RAW VECTOR
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1
Source Entity
[email protected]
Severity
MEDIUM
4.1
Attack Vector
LOCAL
Complexity
HIGH
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2025-47904 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
Attack Vector Matrix
Access Vector
LOCAL
Complexity
HIGH
Privileges
N/A
Interaction
NONE
CVSS Vector String
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Stack
No specific products linked.