Device ICMP Timestamp Vulnerability
Warning number: GL-2025-0004
Initial release time: 2025-8-20
Update release time: Released with version plan
Summary:
The remote host responds to ICMP timestamp requests. This allows the attacker to know the date set on the target computer, which could help an unauthenticated remote attacker defeat time-based authentication protocols.
This vulnerability has been assigned the CVE ID: CVE-1999-0524.
was discovered by the customer when using the Nessus vulnerability scanning tool.
Sphere of impact:
Affected versions and models:
NVR 8.2.3
NVR 8.2.4
NVR C1.2
NVR C1.3
IPC 8.2.3
IPC 8.2.4
IPC C1.2
IPC C1.3
| Name | Version | Model |
|---|---|---|
|
NVR
|
8.2.3 |
N7XXX N8XXX N63XX N6312X N88X N88SX D32XX D33XX2C D33XX D315X D3312X H7004 H32tXX |
|
NVR |
8.2.4 |
Same as above D75XX D75XX2C NA1XX |
|
NVR |
C1.2 |
Same as above |
|
NVR |
C1.3 |
Same as above H6312X |
|
IPC |
8.2.3 |
NT98528 SSC369G |
|
IPC |
8.2.4 |
SC335X SC327DE 339G 338G 30KQ 338Q NT98525 NT98528 NT98529 AX620A SC379G NT98566 SSC369G |
|
IPC |
C1.2 |
Same as above SSC339G NT98566 |
|
IPC |
C1.3 |
Same as above SSC369G NT98538 NT98539 |
Impact and consequences:
If there are services that authenticate through time , the identity authentication of these services will be weak , making them vulnerable to attacks by remote attackers , which may lead to service crashes or even privacy leaks.
Vulnerability Scoring:
Vulnerabilities are scored using the CVSSv2 scoring system ( http://www.first.org/cvss/ ).
and CVSSv3.x and CVSSv4.0 do not assign a score
Base Score: 2.1 LOW
Vector: (AV:L/AC:L/ Au:N /C:P/I:N/A:N)
Technical details:
Vulnerability details:
Allow ICMP information from any host, such as (1) network mask and (2) timestamp.
Temporary workaround:
After reviewing various authentication services, we found that there is no service that is completely dependent on the system time. Secondly, the device time is highly consistent with the world time . Therefore, no workaround plan is available for the time being, and it will be updated as planned later .
Solution and version update plan:
Solution:
The version is implemented as per the version plan , filtering out ICMP Timestamp Requests (13) and outgoing ICMP Timestamp Replies (14).
Old versions will not be updated.
Version update plan:
Updated with the new version of C1.4
Version acquisition method:
None
Vulnerability information sources and vulnerability exploitation:
We are currently not aware of any other public channels publishing the vulnerabilities mentioned in this article, nor are we aware of any cases where the vulnerabilities have been maliciously exploited.
Technical support channels:
None
Security Advisory Version Revision Information:
C1.4 version is under development.
FAQs:
None