Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
140 vulnerabilities by Gallagher
CVE-2026-25193 (GCVE-0-2026-25193)
Vulnerability from nvd – Published: 2026-05-25 05:28 – Updated: 2026-05-26 14:24
VLAI
Summary
Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure.
Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.
Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of sensitive information into log file
Assigner
References
1 reference
Impacted products
14 products
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
9.40 , < 9.40.2575 (MR2)
(custom)
|
|
| Gallagher | Active Directory Sync |
Affected:
0 , < 9.10.05
(custom)
|
|
| Gallagher | Cardholder Sync Utility |
Affected:
0 , < 9.30.104
(custom)
|
|
| Gallagher | Diagnostics Service |
Affected:
0 , < 2.0.9
(custom)
|
|
| Gallagher | Elevator Service |
Affected:
0 , < 10.0.8
(custom)
|
|
| Gallagher | Encoding Kiosk Application |
Affected:
0 , < 9.60.10
(custom)
|
|
| Gallagher | Entra ID Sync |
Affected:
1.0 , < 1.0.10
(custom)
Affected: 2.0 , < 2.0.5 (custom) |
|
| Gallagher | Event Sync Utility |
Affected:
0 , < 8.70.62
(custom)
|
|
| Gallagher | Event Logger |
Affected:
0 , < 8.90.16
(custom)
|
|
| Gallagher | Middleware Framework |
Affected:
0 , < 8.90.34
(custom)
|
|
| Gallagher | Nexudus Integration |
Affected:
0 , < 9.60.21
(custom)
|
|
| Gallagher | Okta Sync |
Affected:
0 , < 9.40.05
(custom)
|
|
| Gallagher | Papercut Interface Integration |
Affected:
0 , < 9.60.02
(custom)
|
|
| Gallagher | SIP Integration |
Affected:
0 , < 10.1.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T14:24:00.870402Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T14:24:08.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.40.2575 (MR2)",
"status": "affected",
"version": "9.40",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Active Directory Sync",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.10.05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Cardholder Sync Utility",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.30.104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Diagnostics Service",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "2.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Elevator Service",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "10.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Encoding Kiosk Application",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.60.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Entra ID Sync",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "1.0.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
},
{
"lessThan": "2.0.5",
"status": "affected",
"version": "2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Event Sync Utility",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "8.70.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Event Logger",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "8.90.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Middleware Framework",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "8.90.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Nexudus Integration",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.60.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Okta Sync",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.40.05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Papercut Interface Integration",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.60.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "SIP Integration",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "10.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eInsertion of Sensitive Information into Log File (CWE-532)\u0026nbsp;in some Command Centre Service installers could lead to Service Account credentials exposure.\u202f\u003cbr\u003e\u003cb\u003eMitigating Factor:\u003c/b\u003e\u0026nbsp;Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.\u003c/p\u003e\u003cdiv\u003e\u003cb\u003eMitigation:\u0026nbsp;\u003c/b\u003eFor sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\\Gallagher\\Command Centre.\u003c/div\u003e"
}
],
"value": "Insertion of Sensitive Information into Log File (CWE-532)\u00a0in some Command Centre Service installers could lead to Service Account credentials exposure.\u202f\nMitigating Factor:\u00a0Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.\n\nMitigation:\u00a0For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\\Gallagher\\Command Centre."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of sensitive information into log file",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T05:28:14.766Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-25193"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2026-25193",
"datePublished": "2026-05-25T05:28:14.766Z",
"dateReserved": "2026-03-01T23:45:09.705Z",
"dateUpdated": "2026-05-26T14:24:08.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20801 (GCVE-0-2026-20801)
Vulnerability from nvd – Published: 2026-03-03 02:41 – Updated: 2026-03-03 16:30
VLAI
Summary
Cleartext Transmission of Sensitive Information (CWE-319) in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams.
This issue affects all versions of Gallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | NxWitness VMS and Hanwha VMS Integrations |
Affected:
0 , < 9.10.017
(custom)
Affected: 0 , < 9.10.025 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T16:27:35.448713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T16:30:31.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "NxWitness VMS and Hanwha VMS Integrations",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.10.017",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.10.025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext Transmission of Sensitive Information (CWE-319) in\u003c/span\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ea component used in the Gallagher \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHanwha VMS and Gallagher NxWitness VMS integrations\u003c/span\u003e\u003cb\u003e\u0026nbsp;\u003c/b\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallows unprivileged users with local network access to view live video streams. \u003c/span\u003e\n\n \n\n\u003cp\u003eThis issue affects a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ell versions of \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eGallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025.\u003c/span\u003e\u003cbr\u003e\n\n\u003c/p\u003e"
}
],
"value": "Cleartext Transmission of Sensitive Information (CWE-319) in\u00a0a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations\u00a0allows unprivileged users with local network access to view live video streams. \n\n \n\nThis issue affects all versions of Gallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T02:41:10.357Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-20801"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2026-20801",
"datePublished": "2026-03-03T02:41:10.357Z",
"dateReserved": "2026-03-01T23:45:09.734Z",
"dateUpdated": "2026-03-03T16:30:31.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20757 (GCVE-0-2026-20757)
Vulnerability from nvd – Published: 2026-03-03 02:40 – Updated: 2026-03-03 15:43
VLAI
Summary
Improper Locking vulnerability (CWE-667) in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server.
This issue affects Command Centre Server:
9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-667 - Improper Locking
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.40 , < 9.40.1976(MR1) (custom) Affected: 9.30 , < 9.30.3382 (MR4) (custom) Affected: 9.20 , < 9.20.3783 (MR6) (custom) Affected: 9.10 , < 9.10.4647 (MR9) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T15:38:55.859473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T15:43:33.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.40.1976(MR1)",
"status": "affected",
"version": "9.40",
"versionType": "custom"
},
{
"lessThan": "9.30.3382 (MR4)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.3783 (MR6)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.4647 (MR9)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper Locking\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerability (CWE-667) in\u003c/span\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003eGallagher Morpho integration \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallows a privileged operator \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eto cause a limited denial-of-service in the Command Centre Server\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\n\n\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Improper Locking\u00a0vulnerability (CWE-667) in\u00a0Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server.\n\n\n\nThis issue affects Command Centre Server: \n\n9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-667",
"description": "CWE-667 Improper Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T02:40:45.702Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-20757"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2026-20757",
"datePublished": "2026-03-03T02:40:45.702Z",
"dateReserved": "2026-03-01T23:45:09.766Z",
"dateUpdated": "2026-03-03T15:43:33.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-47147 (GCVE-0-2025-47147)
Vulnerability from nvd – Published: 2026-03-03 02:39 – Updated: 2026-03-03 15:56
VLAI
Summary
Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration.
This issue affects Command Centre Mobile Client versions prior to 9.40.123.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Mobile Client |
Affected:
9.40 , < 9.40.123
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T15:44:10.549714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T15:56:50.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Android",
"iOS"
],
"product": "Command Centre Mobile Client",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.40.123",
"status": "affected",
"version": "9.40",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator\u0027s mobile device to extract the session token and exploit access for a limited duration. \u003c/span\u003e\n\n \n\n\u003cp\u003eThis issue affects Command Centre Mobile Client versions prior to 9.40.123.\u003c/p\u003e"
}
],
"value": "Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator\u0027s mobile device to extract the session token and exploit access for a limited duration. \n\n \n\nThis issue affects Command Centre Mobile Client versions prior to 9.40.123."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T02:39:30.623Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-47147"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-47147",
"datePublished": "2026-03-03T02:39:30.623Z",
"dateReserved": "2025-06-17T02:18:59.232Z",
"dateUpdated": "2026-03-03T15:56:50.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64734 (GCVE-0-2025-64734)
Vulnerability from nvd – Published: 2025-11-18 03:26 – Updated: 2025-11-19 16:49
VLAI
Summary
Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry.
This issue affects Command Centre Server:
9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-772 - Missing Release of Resource after Effective Lifetime
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | T21 Reader |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < vCR9.30.251028a (custom) Affected: 9.20 , < vCR9.20.251028a (custom) Affected: 9.10 , < vCR9.10.251028a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T15:03:05.849954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:49:27.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "T21 Reader",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.30.251028a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.251028a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.251028a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMissing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u0026nbsp; all versions of 9.00 and prior.\n\n\u003c/p\u003e"
}
],
"value": "Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. \n\nThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u00a0 all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T03:26:44.442Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-64734"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-64734",
"datePublished": "2025-11-18T03:26:44.442Z",
"dateReserved": "2025-11-11T04:00:46.427Z",
"dateUpdated": "2025-11-19T16:49:27.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-52578 (GCVE-0-2025-52578)
Vulnerability from nvd – Published: 2025-11-18 03:26 – Updated: 2025-11-19 16:49
VLAI
Summary
Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications.
This issue affects Command Centre Server:
9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-335 - Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | High Sec End of Line Module |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < vCR9.30.251028a (custom) Affected: 9.20 , < vCR9.20.251028a (custom) Affected: 9.10 , < vCR9.10.251028a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52578",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T15:04:03.417918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:49:32.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "High Sec End of Line Module",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.30.251028a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.251028a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.251028a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIncorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM\u003c/span\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003emay\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallow a sophisticated attacker with physical access, to compromise internal device communications.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u0026nbsp;all versions of 9.00 and prior.\n\n\u003c/p\u003e"
}
],
"value": "Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM\u00a0may\u00a0allow a sophisticated attacker with physical access, to compromise internal device communications.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u00a0all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-335",
"description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T03:26:20.887Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-52578"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-52578",
"datePublished": "2025-11-18T03:26:20.887Z",
"dateReserved": "2025-11-11T04:00:46.463Z",
"dateUpdated": "2025-11-19T16:49:32.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-52457 (GCVE-0-2025-52457)
Vulnerability from nvd – Published: 2025-11-18 03:25 – Updated: 2025-11-19 16:49
VLAI
Summary
Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security.
This issue affects Command Centre Server:
9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | HBUS Devices |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < vCR9.30.251028a (custom) Affected: 9.20 , < vCR9.20.251028a (custom) Affected: 9.10 , < vCR9.10.251028a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T15:04:04.821385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:49:38.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HBUS Devices",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.30.251028a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.251028a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.251028a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eObservable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server:\n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u0026nbsp;all versions of 9.00 and prior.\n\n\u003c/p\u003e"
}
],
"value": "Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. \n\nThis issue affects Command Centre Server:\n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u00a0all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T03:25:57.696Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-52457"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-52457",
"datePublished": "2025-11-18T03:25:57.696Z",
"dateReserved": "2025-06-17T02:18:59.272Z",
"dateUpdated": "2025-11-19T16:49:38.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48430 (GCVE-0-2025-48430)
Vulnerability from nvd – Published: 2025-10-23 03:39 – Updated: 2025-10-23 15:26
VLAI
Summary
Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.30 , < 9.30.2482 (MR2) (custom) Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7) (custom) Affected: 9.00 , < 9.00.3831 (MR8) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48430",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T15:26:15.583401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T15:26:56.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:39:31.438Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48430"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-48430",
"datePublished": "2025-10-23T03:39:31.438Z",
"dateReserved": "2025-06-17T02:18:59.246Z",
"dateUpdated": "2025-10-23T15:26:56.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48428 (GCVE-0-2025-48428)
Vulnerability from nvd – Published: 2025-10-23 03:39 – Updated: 2025-10-23 17:30
VLAI
Summary
Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site.
This issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7) (custom) Affected: 9.00 , < 9.00.3831 (MR8) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T17:30:28.572049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T17:30:36.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. \u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue affects Command Centre Server: \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003cbr\u003e\u003c/span\u003e\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. \nThis issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:39:07.905Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48428"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-48428",
"datePublished": "2025-10-23T03:39:07.905Z",
"dateReserved": "2025-06-17T02:18:59.261Z",
"dateUpdated": "2025-10-23T17:30:36.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47699 (GCVE-0-2025-47699)
Vulnerability from nvd – Published: 2025-10-23 03:38 – Updated: 2025-10-23 14:34
VLAI
Summary
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.30 , < 9.30.2482 (MR2) (custom) Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7 (custom) Affected: 9.00 , < 9.00.3831 (MR8) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:21:42.439593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:34:57.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server:\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. \n\nThis issue affects Command Centre Server:\n\n9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:38:46.248Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-47699"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-47699",
"datePublished": "2025-10-23T03:38:46.248Z",
"dateReserved": "2025-06-17T02:18:59.279Z",
"dateUpdated": "2025-10-23T14:34:57.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41402 (GCVE-0-2025-41402)
Vulnerability from nvd – Published: 2025-10-23 03:38 – Updated: 2025-10-23 14:35
VLAI
Summary
Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), all versions of 9.00 and prior.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-602 - Client-Side Enforcement of Server-Side Security
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < 9.30.2482 (MR2) (custom) Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41402",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:21:56.739476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:35:08.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eClient-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), all versions of 9.00 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. \n\nThis issue affects Command Centre Server: \n\n\u00a09.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-602",
"description": "CWE-602 Client-Side Enforcement of Server-Side Security",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:38:22.200Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-41402"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-41402",
"datePublished": "2025-10-23T03:38:22.200Z",
"dateReserved": "2025-06-17T02:18:59.253Z",
"dateUpdated": "2025-10-23T14:35:08.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-35981 (GCVE-0-2025-35981)
Vulnerability from nvd – Published: 2025-10-23 03:37 – Updated: 2025-10-23 14:35
VLAI
Summary
Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view.
This issue affects Command Centre Server: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6).
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
9.30.1874 (MR1)
(custom)
Affected: 9.20.2337 (MR3) Affected: 9.10.3194 (MR6) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35981",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:22:02.411584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:35:14.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"status": "affected",
"version": "9.30.1874 (MR1)",
"versionType": "custom"
},
{
"status": "affected",
"version": "9.20.2337 (MR3)"
},
{
"status": "affected",
"version": "9.10.3194 (MR6)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExposure of Private Personal Information to an Unauthorized Actor (\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6).\u003c/p\u003e"
}
],
"value": "Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view. \n\nThis issue affects Command Centre Server: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:37:36.498Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-35981"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-35981",
"datePublished": "2025-10-23T03:37:36.498Z",
"dateReserved": "2025-06-17T02:18:59.266Z",
"dateUpdated": "2025-10-23T14:35:14.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46406 (GCVE-0-2025-46406)
Vulnerability from nvd – Published: 2025-07-10 03:10 – Updated: 2025-07-10 20:02
VLAI
Summary
A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.
This issue affects Command Centre Server:
9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-270 - Privilege Context Switching Error
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.30 , < 9.30.1874 (MR1) (custom) Affected: 9.20 , < 9.20.2337 (MR3) (custom) Affected: 9.10 , < 9.10.3194 (MR6) (custom) Affected: 9.00 , < 9.00.3371 (MR7) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T20:02:21.159913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T20:02:29.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.1874 (MR1)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2337 (MR3)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3194 (MR6)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3371 (MR7)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30.1874\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR1), 9.20 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.20.2337\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR3), 9.10 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.10.3194\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR6), \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.00 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.00.3371\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR7), \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eall versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to 9.30.1874\u00a0(MR1), 9.20 prior to 9.20.2337\u00a0(MR3), 9.10 prior to 9.10.3194\u00a0(MR6), 9.00 prior to 9.00.3371\u00a0(MR7), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-270",
"description": "CWE-270 Privilege Context Switching Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T03:10:03.557Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-46406"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-46406",
"datePublished": "2025-07-10T03:10:03.557Z",
"dateReserved": "2025-06-17T02:18:59.193Z",
"dateUpdated": "2025-07-10T20:02:29.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-44003 (GCVE-0-2025-44003)
Vulnerability from nvd – Published: 2025-07-10 03:09 – Updated: 2025-07-10 13:11
VLAI
Summary
Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled.
This issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in vEL9.00.3371 (MR7)), all versions of 8.90 and prior.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-772 - Missing Release of Resource after Effective Lifetime
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | T-Series Readers |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.20 , < vCR9.20.250213a (custom) Affected: 9.10 , < vCR9.10.250213a (custom) Affected: 9.00 , < vCR9.00.250619a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-44003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T13:11:06.416095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T13:11:13.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "T-Series Readers",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.250213a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.250213a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "vCR9.00.250619a",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMissing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects T-Series Readers: \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in \u0026nbsp;vEL9.00.3371 (MR7)), \u0026nbsp;all versions of 8.90 and prior. \u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled.\n\nThis issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in \u00a0vEL9.00.3371 (MR7)), \u00a0all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T03:09:43.640Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-44003"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-44003",
"datePublished": "2025-07-10T03:09:43.640Z",
"dateReserved": "2025-06-17T02:18:59.237Z",
"dateUpdated": "2025-07-10T13:11:13.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-35983 (GCVE-0-2025-35983)
Vulnerability from nvd – Published: 2025-07-10 03:09 – Updated: 2025-07-10 13:11
VLAI
Summary
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected.
This issue affects Controller 7000:
9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Controller 7000 |
Affected:
9.30 , < vCR9.30.250624a
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35983",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T13:11:33.717912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T13:11:39.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Controller 7000",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "vCR9.30.250624a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Controller 7000: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected. \n\nThis issue affects Controller 7000: \n\n9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1))."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T03:09:11.847Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-35983"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-35983",
"datePublished": "2025-07-10T03:09:11.847Z",
"dateReserved": "2025-06-17T02:18:59.220Z",
"dateUpdated": "2025-07-10T13:11:39.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-25193 (GCVE-0-2026-25193)
Vulnerability from cvelistv5 – Published: 2026-05-25 05:28 – Updated: 2026-05-26 14:24
VLAI
Summary
Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure.
Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.
Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of sensitive information into log file
Assigner
References
1 reference
Impacted products
14 products
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
9.40 , < 9.40.2575 (MR2)
(custom)
|
|
| Gallagher | Active Directory Sync |
Affected:
0 , < 9.10.05
(custom)
|
|
| Gallagher | Cardholder Sync Utility |
Affected:
0 , < 9.30.104
(custom)
|
|
| Gallagher | Diagnostics Service |
Affected:
0 , < 2.0.9
(custom)
|
|
| Gallagher | Elevator Service |
Affected:
0 , < 10.0.8
(custom)
|
|
| Gallagher | Encoding Kiosk Application |
Affected:
0 , < 9.60.10
(custom)
|
|
| Gallagher | Entra ID Sync |
Affected:
1.0 , < 1.0.10
(custom)
Affected: 2.0 , < 2.0.5 (custom) |
|
| Gallagher | Event Sync Utility |
Affected:
0 , < 8.70.62
(custom)
|
|
| Gallagher | Event Logger |
Affected:
0 , < 8.90.16
(custom)
|
|
| Gallagher | Middleware Framework |
Affected:
0 , < 8.90.34
(custom)
|
|
| Gallagher | Nexudus Integration |
Affected:
0 , < 9.60.21
(custom)
|
|
| Gallagher | Okta Sync |
Affected:
0 , < 9.40.05
(custom)
|
|
| Gallagher | Papercut Interface Integration |
Affected:
0 , < 9.60.02
(custom)
|
|
| Gallagher | SIP Integration |
Affected:
0 , < 10.1.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T14:24:00.870402Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T14:24:08.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.40.2575 (MR2)",
"status": "affected",
"version": "9.40",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Active Directory Sync",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.10.05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Cardholder Sync Utility",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.30.104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Diagnostics Service",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "2.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Elevator Service",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "10.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Encoding Kiosk Application",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.60.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Entra ID Sync",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "1.0.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
},
{
"lessThan": "2.0.5",
"status": "affected",
"version": "2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Event Sync Utility",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "8.70.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Event Logger",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "8.90.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Middleware Framework",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "8.90.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Nexudus Integration",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.60.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Okta Sync",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.40.05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Papercut Interface Integration",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.60.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "SIP Integration",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "10.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eInsertion of Sensitive Information into Log File (CWE-532)\u0026nbsp;in some Command Centre Service installers could lead to Service Account credentials exposure.\u202f\u003cbr\u003e\u003cb\u003eMitigating Factor:\u003c/b\u003e\u0026nbsp;Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.\u003c/p\u003e\u003cdiv\u003e\u003cb\u003eMitigation:\u0026nbsp;\u003c/b\u003eFor sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\\Gallagher\\Command Centre.\u003c/div\u003e"
}
],
"value": "Insertion of Sensitive Information into Log File (CWE-532)\u00a0in some Command Centre Service installers could lead to Service Account credentials exposure.\u202f\nMitigating Factor:\u00a0Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.\n\nMitigation:\u00a0For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\\Gallagher\\Command Centre."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of sensitive information into log file",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T05:28:14.766Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-25193"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2026-25193",
"datePublished": "2026-05-25T05:28:14.766Z",
"dateReserved": "2026-03-01T23:45:09.705Z",
"dateUpdated": "2026-05-26T14:24:08.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20801 (GCVE-0-2026-20801)
Vulnerability from cvelistv5 – Published: 2026-03-03 02:41 – Updated: 2026-03-03 16:30
VLAI
Summary
Cleartext Transmission of Sensitive Information (CWE-319) in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams.
This issue affects all versions of Gallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | NxWitness VMS and Hanwha VMS Integrations |
Affected:
0 , < 9.10.017
(custom)
Affected: 0 , < 9.10.025 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T16:27:35.448713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T16:30:31.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "NxWitness VMS and Hanwha VMS Integrations",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.10.017",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.10.025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext Transmission of Sensitive Information (CWE-319) in\u003c/span\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ea component used in the Gallagher \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHanwha VMS and Gallagher NxWitness VMS integrations\u003c/span\u003e\u003cb\u003e\u0026nbsp;\u003c/b\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallows unprivileged users with local network access to view live video streams. \u003c/span\u003e\n\n \n\n\u003cp\u003eThis issue affects a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ell versions of \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eGallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025.\u003c/span\u003e\u003cbr\u003e\n\n\u003c/p\u003e"
}
],
"value": "Cleartext Transmission of Sensitive Information (CWE-319) in\u00a0a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations\u00a0allows unprivileged users with local network access to view live video streams. \n\n \n\nThis issue affects all versions of Gallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T02:41:10.357Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-20801"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2026-20801",
"datePublished": "2026-03-03T02:41:10.357Z",
"dateReserved": "2026-03-01T23:45:09.734Z",
"dateUpdated": "2026-03-03T16:30:31.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20757 (GCVE-0-2026-20757)
Vulnerability from cvelistv5 – Published: 2026-03-03 02:40 – Updated: 2026-03-03 15:43
VLAI
Summary
Improper Locking vulnerability (CWE-667) in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server.
This issue affects Command Centre Server:
9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-667 - Improper Locking
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.40 , < 9.40.1976(MR1) (custom) Affected: 9.30 , < 9.30.3382 (MR4) (custom) Affected: 9.20 , < 9.20.3783 (MR6) (custom) Affected: 9.10 , < 9.10.4647 (MR9) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T15:38:55.859473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T15:43:33.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.40.1976(MR1)",
"status": "affected",
"version": "9.40",
"versionType": "custom"
},
{
"lessThan": "9.30.3382 (MR4)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.3783 (MR6)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.4647 (MR9)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper Locking\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerability (CWE-667) in\u003c/span\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003eGallagher Morpho integration \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallows a privileged operator \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eto cause a limited denial-of-service in the Command Centre Server\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\n\n\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Improper Locking\u00a0vulnerability (CWE-667) in\u00a0Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server.\n\n\n\nThis issue affects Command Centre Server: \n\n9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-667",
"description": "CWE-667 Improper Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T02:40:45.702Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-20757"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2026-20757",
"datePublished": "2026-03-03T02:40:45.702Z",
"dateReserved": "2026-03-01T23:45:09.766Z",
"dateUpdated": "2026-03-03T15:43:33.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-47147 (GCVE-0-2025-47147)
Vulnerability from cvelistv5 – Published: 2026-03-03 02:39 – Updated: 2026-03-03 15:56
VLAI
Summary
Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration.
This issue affects Command Centre Mobile Client versions prior to 9.40.123.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Mobile Client |
Affected:
9.40 , < 9.40.123
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T15:44:10.549714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T15:56:50.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Android",
"iOS"
],
"product": "Command Centre Mobile Client",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "9.40.123",
"status": "affected",
"version": "9.40",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator\u0027s mobile device to extract the session token and exploit access for a limited duration. \u003c/span\u003e\n\n \n\n\u003cp\u003eThis issue affects Command Centre Mobile Client versions prior to 9.40.123.\u003c/p\u003e"
}
],
"value": "Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator\u0027s mobile device to extract the session token and exploit access for a limited duration. \n\n \n\nThis issue affects Command Centre Mobile Client versions prior to 9.40.123."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T02:39:30.623Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-47147"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-47147",
"datePublished": "2026-03-03T02:39:30.623Z",
"dateReserved": "2025-06-17T02:18:59.232Z",
"dateUpdated": "2026-03-03T15:56:50.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64734 (GCVE-0-2025-64734)
Vulnerability from cvelistv5 – Published: 2025-11-18 03:26 – Updated: 2025-11-19 16:49
VLAI
Summary
Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry.
This issue affects Command Centre Server:
9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-772 - Missing Release of Resource after Effective Lifetime
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | T21 Reader |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < vCR9.30.251028a (custom) Affected: 9.20 , < vCR9.20.251028a (custom) Affected: 9.10 , < vCR9.10.251028a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T15:03:05.849954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:49:27.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "T21 Reader",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.30.251028a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.251028a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.251028a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMissing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u0026nbsp; all versions of 9.00 and prior.\n\n\u003c/p\u003e"
}
],
"value": "Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. \n\nThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u00a0 all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T03:26:44.442Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-64734"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-64734",
"datePublished": "2025-11-18T03:26:44.442Z",
"dateReserved": "2025-11-11T04:00:46.427Z",
"dateUpdated": "2025-11-19T16:49:27.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-52578 (GCVE-0-2025-52578)
Vulnerability from cvelistv5 – Published: 2025-11-18 03:26 – Updated: 2025-11-19 16:49
VLAI
Summary
Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications.
This issue affects Command Centre Server:
9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-335 - Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | High Sec End of Line Module |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < vCR9.30.251028a (custom) Affected: 9.20 , < vCR9.20.251028a (custom) Affected: 9.10 , < vCR9.10.251028a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52578",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T15:04:03.417918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:49:32.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "High Sec End of Line Module",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.30.251028a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.251028a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.251028a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIncorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM\u003c/span\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003emay\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallow a sophisticated attacker with physical access, to compromise internal device communications.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u0026nbsp;all versions of 9.00 and prior.\n\n\u003c/p\u003e"
}
],
"value": "Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM\u00a0may\u00a0allow a sophisticated attacker with physical access, to compromise internal device communications.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u00a0all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-335",
"description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T03:26:20.887Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-52578"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-52578",
"datePublished": "2025-11-18T03:26:20.887Z",
"dateReserved": "2025-11-11T04:00:46.463Z",
"dateUpdated": "2025-11-19T16:49:32.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-52457 (GCVE-0-2025-52457)
Vulnerability from cvelistv5 – Published: 2025-11-18 03:25 – Updated: 2025-11-19 16:49
VLAI
Summary
Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security.
This issue affects Command Centre Server:
9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | HBUS Devices |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < vCR9.30.251028a (custom) Affected: 9.20 , < vCR9.20.251028a (custom) Affected: 9.10 , < vCR9.10.251028a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T15:04:04.821385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:49:38.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HBUS Devices",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.30.251028a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.251028a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.251028a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eObservable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server:\n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u0026nbsp;all versions of 9.00 and prior.\n\n\u003c/p\u003e"
}
],
"value": "Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. \n\nThis issue affects Command Centre Server:\n\n9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),\u00a0all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T03:25:57.696Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-52457"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-52457",
"datePublished": "2025-11-18T03:25:57.696Z",
"dateReserved": "2025-06-17T02:18:59.272Z",
"dateUpdated": "2025-11-19T16:49:38.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48430 (GCVE-0-2025-48430)
Vulnerability from cvelistv5 – Published: 2025-10-23 03:39 – Updated: 2025-10-23 15:26
VLAI
Summary
Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.30 , < 9.30.2482 (MR2) (custom) Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7) (custom) Affected: 9.00 , < 9.00.3831 (MR8) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48430",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T15:26:15.583401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T15:26:56.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:39:31.438Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48430"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-48430",
"datePublished": "2025-10-23T03:39:31.438Z",
"dateReserved": "2025-06-17T02:18:59.246Z",
"dateUpdated": "2025-10-23T15:26:56.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48428 (GCVE-0-2025-48428)
Vulnerability from cvelistv5 – Published: 2025-10-23 03:39 – Updated: 2025-10-23 17:30
VLAI
Summary
Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site.
This issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7) (custom) Affected: 9.00 , < 9.00.3831 (MR8) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T17:30:28.572049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T17:30:36.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. \u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue affects Command Centre Server: \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003cbr\u003e\u003c/span\u003e\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. \nThis issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:39:07.905Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48428"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-48428",
"datePublished": "2025-10-23T03:39:07.905Z",
"dateReserved": "2025-06-17T02:18:59.261Z",
"dateUpdated": "2025-10-23T17:30:36.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47699 (GCVE-0-2025-47699)
Vulnerability from cvelistv5 – Published: 2025-10-23 03:38 – Updated: 2025-10-23 14:34
VLAI
Summary
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.30 , < 9.30.2482 (MR2) (custom) Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7 (custom) Affected: 9.00 , < 9.00.3831 (MR8) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:21:42.439593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:34:57.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server:\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. \n\nThis issue affects Command Centre Server:\n\n9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:38:46.248Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-47699"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-47699",
"datePublished": "2025-10-23T03:38:46.248Z",
"dateReserved": "2025-06-17T02:18:59.279Z",
"dateUpdated": "2025-10-23T14:34:57.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41402 (GCVE-0-2025-41402)
Vulnerability from cvelistv5 – Published: 2025-10-23 03:38 – Updated: 2025-10-23 14:35
VLAI
Summary
Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), all versions of 9.00 and prior.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-602 - Client-Side Enforcement of Server-Side Security
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 9.00
(custom)
Affected: 9.30 , < 9.30.2482 (MR2) (custom) Affected: 9.20 , < 9.20.2819 (MR4) (custom) Affected: 9.10 , < 9.10.3672 (MR7) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41402",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:21:56.739476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:35:08.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eClient-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), all versions of 9.00 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. \n\nThis issue affects Command Centre Server: \n\n\u00a09.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), all versions of 9.00 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-602",
"description": "CWE-602 Client-Side Enforcement of Server-Side Security",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:38:22.200Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-41402"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-41402",
"datePublished": "2025-10-23T03:38:22.200Z",
"dateReserved": "2025-06-17T02:18:59.253Z",
"dateUpdated": "2025-10-23T14:35:08.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-35981 (GCVE-0-2025-35981)
Vulnerability from cvelistv5 – Published: 2025-10-23 03:37 – Updated: 2025-10-23 14:35
VLAI
Summary
Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view.
This issue affects Command Centre Server: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6).
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
9.30.1874 (MR1)
(custom)
Affected: 9.20.2337 (MR3) Affected: 9.10.3194 (MR6) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35981",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:22:02.411584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T14:35:14.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"status": "affected",
"version": "9.30.1874 (MR1)",
"versionType": "custom"
},
{
"status": "affected",
"version": "9.20.2337 (MR3)"
},
{
"status": "affected",
"version": "9.10.3194 (MR6)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExposure of Private Personal Information to an Unauthorized Actor (\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6).\u003c/p\u003e"
}
],
"value": "Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view. \n\nThis issue affects Command Centre Server: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:37:36.498Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-35981"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-35981",
"datePublished": "2025-10-23T03:37:36.498Z",
"dateReserved": "2025-06-17T02:18:59.266Z",
"dateUpdated": "2025-10-23T14:35:14.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46406 (GCVE-0-2025-46406)
Vulnerability from cvelistv5 – Published: 2025-07-10 03:10 – Updated: 2025-07-10 20:02
VLAI
Summary
A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.
This issue affects Command Centre Server:
9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-270 - Privilege Context Switching Error
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.30 , < 9.30.1874 (MR1) (custom) Affected: 9.20 , < 9.20.2337 (MR3) (custom) Affected: 9.10 , < 9.10.3194 (MR6) (custom) Affected: 9.00 , < 9.00.3371 (MR7) (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T20:02:21.159913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T20:02:29.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.1874 (MR1)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2337 (MR3)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3194 (MR6)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3371 (MR7)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30.1874\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR1), 9.20 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.20.2337\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR3), 9.10 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.10.3194\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR6), \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.00 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.00.3371\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;(MR7), \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eall versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to 9.30.1874\u00a0(MR1), 9.20 prior to 9.20.2337\u00a0(MR3), 9.10 prior to 9.10.3194\u00a0(MR6), 9.00 prior to 9.00.3371\u00a0(MR7), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-270",
"description": "CWE-270 Privilege Context Switching Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T03:10:03.557Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-46406"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-46406",
"datePublished": "2025-07-10T03:10:03.557Z",
"dateReserved": "2025-06-17T02:18:59.193Z",
"dateUpdated": "2025-07-10T20:02:29.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-44003 (GCVE-0-2025-44003)
Vulnerability from cvelistv5 – Published: 2025-07-10 03:09 – Updated: 2025-07-10 13:11
VLAI
Summary
Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled.
This issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in vEL9.00.3371 (MR7)), all versions of 8.90 and prior.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-772 - Missing Release of Resource after Effective Lifetime
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | T-Series Readers |
Affected:
0 , ≤ 8.90
(custom)
Affected: 9.20 , < vCR9.20.250213a (custom) Affected: 9.10 , < vCR9.10.250213a (custom) Affected: 9.00 , < vCR9.00.250619a (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-44003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T13:11:06.416095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T13:11:13.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "T-Series Readers",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vCR9.20.250213a",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "vCR9.10.250213a",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "vCR9.00.250619a",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMissing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects T-Series Readers: \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in \u0026nbsp;vEL9.00.3371 (MR7)), \u0026nbsp;all versions of 8.90 and prior. \u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled.\n\nThis issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in \u00a0vEL9.00.3371 (MR7)), \u00a0all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T03:09:43.640Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-44003"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-44003",
"datePublished": "2025-07-10T03:09:43.640Z",
"dateReserved": "2025-06-17T02:18:59.237Z",
"dateUpdated": "2025-07-10T13:11:13.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-35983 (GCVE-0-2025-35983)
Vulnerability from cvelistv5 – Published: 2025-07-10 03:09 – Updated: 2025-07-10 13:11
VLAI
Summary
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected.
This issue affects Controller 7000:
9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Controller 7000 |
Affected:
9.30 , < vCR9.30.250624a
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35983",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T13:11:33.717912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T13:11:39.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Controller 7000",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "vCR9.30.250624a",
"status": "affected",
"version": "9.30",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected. \u003c/span\u003e\n\n\u003cp\u003eThis issue affects Controller 7000: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected. \n\nThis issue affects Controller 7000: \n\n9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1))."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T03:09:11.847Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-35983"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-35983",
"datePublished": "2025-07-10T03:09:11.847Z",
"dateReserved": "2025-06-17T02:18:59.220Z",
"dateUpdated": "2025-07-10T13:11:39.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}