Several vulnerabilities in Meinberg LANTIME Firmware closed – MBGSA-2022.01
05th April 2022
Meinberg have fixed several vulnerabilities related to their NTP Time Server in LANTIME firmware versions 7.04.015 and 6.24.030.
The firmware updates not only closes the vulnerabilities in the OpenSSL (CVE-2022-0778) and Expat (CVE-2022-23990, CVE-2022-23990, CVE-2022-23852, CVE-2022-25315, CVE-2022-25314, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235) libraries, but also two vulnerabilities in the Meinberg REST-APIs. For further details, please click Meinbergs Advisory.
We therefore recommend to install the latest firmware on all Meinberg NTP Time Servers of the affected LANTIME series, in accordance with the Meinberg Advisory.
If you have further questions on this matter or if you require support, please contact our Customer Support.
Our RSS feed always keeps you up to date! This way, you’ll receive same-day notification when a new article has been posted to the IT Security Bulletin. Just enter the following link in your feed reader:
You can find out how to integrate the RSS feed into Outlook here.