NIST 800-53 r5 · Controls catalogue · Family SC
SC-45System Time Synchronization
Synchronize system clocks within and between systems and system components.
Last updated: 04 July 2026 00:28 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: partial · 1 mapping(s) from 1 framework(s): ASVS 5.0 1 (partial)
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (4)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-295 | Improper Certificate Validation | 1,683 | Correct system time is required for proper enforcement of certificate notBefore/notAfter dates and time-based revocation checks. |
CWE-345 | Insufficient Verification of Data Authenticity | 699 | Time synchronization supports reliable freshness verification when checking data authenticity across systems or components. |
CWE-613 | Insufficient Session Expiration | 642 | Consistent clocks across systems allow session expiration and timeout enforcement to function as intended in distributed environments. |
CWE-294 | Authentication Bypass by Capture-replay | 280 | Accurate synchronized time enables tight timestamp windows that directly limit capture-replay windows in authentication protocols. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
CVE-2024-42861 | 5.5 | 7.5 | 0.0156 | good |
CVE-2026-40093 | 5.5 | 8.1 | 0.0031 | partial |