en

Meinberg fixes several Vulnerabilities in LANTIME Firmware – MBGSA-2023.02b

23/03/2023 Update       

Security Advisory MBGSA-2023.02 has been updated by the vendor. Another not yet CVE-registered vulnerability was closed in the LTOS web interface.

Since the vulnerability can only be exploited by privileged super users, Meinberg rates the severity as low, but recommends an update to firmware version 7.06.013, see updated Meinberg Advisory.

14/03/2023

Meinberg have fixed several vulnerabilities related to their NTP Time Server in LANTIME firmware version 7.06.012.

The firmware update includes vulnerabilities in the following libraries:
curl (CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916), OpenSSL (CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286), libexpat (CVE-2022-43680) und sudo (CVE-2023-22809).

We recommend to install the latest firmware on all Meinberg NTP Time Servers of the affected LANTIME series, in accordance with the Meinberg Advisory.

If you have further questions on this matter or if you require support, please contact our Customer Support.

Call now
Call now +49 7243 218 0
Send Mail
Send Mail info@vivavis.com
Locations & Contact
Locations & Contact Explore now