Replay attacks come to mind (a credential valid for five minutes oh hey it's valid again now) but if an attacker can change the system time you probably have more important things to worry about, such as them having root or worse.