Problem: A vulnerability was discovered in certain NTP implementations, specifically as described in, https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9294,
"util/ntp-keygen.c in ntp-keygen before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic mechanisms via brute-force attacks."
Analysis: The NTP (SNTP) implementation in the NET+OS development environment does not utilize SSL in the sending and receiving of packets. Thus it is not vulnerable to this attack.
Customer actions: No customer actions are required.
"Vulnerability Summary for CVE-2014-9294". NIST. National Vulnerability Database.
Last updated: Aug 08, 2017