
CVE-2025-46406: CWE-270 Privilege Context Switching Error in Gallagher Command Centre Server

Severity: Medium
Tags: vulnerability, cve-2025-46406, cwe-270
Published: Thu Jul 10 2025 (07/10/2025, 03:10:03 UTC)
Source: CVE Database V5
Vendor/Project: Gallagher
Product: Command Centre Server

Description

A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior.

AI-Powered Analysis

AI analysis last updated: 07/10/2025, 03:32:39 UTC

Technical Analysis

CVE-2025-46406 is a medium-severity vulnerability classified under CWE-270 (Privilege Context Switching Error) in Gallagher's Command Centre Server, a security management platform used for access control and security operations. The flaw is improper enforcement of privilege boundaries between Divisions within the system: a privileged Operator with high-level access in one Division can perform limited privileged actions across the Division boundary, which should be isolated. This cross-Division privilege escalation undermines least privilege and segmentation within the Command Centre Server environment. Affected versions are 9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), and all versions of 8.90 and earlier. The CVSS v3.1 base score is 5.6 (medium): the attack vector is local (AV:L), attack complexity is low (AC:L), low privileges are required (PR:L), and user interaction is required (UI:R). The impact is primarily to integrity (I:H), with limited availability impact (A:L) and no confidentiality impact (C:N). No exploits in the wild are currently reported, and the record carried no advisory or patch links at the time of publication, although the description names the fixed builds. The vulnerability could allow unauthorized modification of security configurations or policies across Divisions, potentially leading to unauthorized access or control within the security management system.

Potential Impact

For European organizations, especially those in critical infrastructure, government, or large enterprises using Gallagher Command Centre Server for physical security management, this vulnerability poses a risk of unauthorized privilege escalation across organizational boundaries. An Operator able to perform privileged actions beyond their authorized Division could gain unauthorized access to sensitive areas, manipulate access control policies, or disrupt security monitoring. This could compromise physical security, lead to data breaches, or facilitate insider threats. The impact is heightened in environments with strict segmentation requirements, such as multi-tenant facilities or organizations with compartmentalized security zones. Although exploitation requires local access and user interaction, the risk remains significant where Operators have legitimate access to the system but should be restricted to specific Divisions. The absence of a confidentiality impact reduces the risk of data leakage, but the integrity and availability of security controls could be compromised, undermining trust in the security infrastructure.

Mitigation Recommendations

European organizations should prioritize upgrading Gallagher Command Centre Server to the fixed versions: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6), or 9.00.3371 (MR7), whichever matches the installed release branch. Until the upgrade is applied, organizations should enforce strict operational controls: limit the number of privileged Operators with cross-Division access, monitor and audit privileged actions, and require multi-factor authentication for Operator accounts to reduce the risk of unauthorized use. Separation of administrative duties and regular review of Operator privileges help detect and prevent abuse. Organizations should also provide targeted security awareness training so that Operators understand the risks of cross-Division privilege misuse. Network-level controls can restrict access to the Command Centre Server management interfaces to trusted hosts and networks. Finally, organizations should maintain close communication with Gallagher for updates and advisories regarding this vulnerability and any further patches or mitigations.
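Because the fix lands in a different build on each release branch, deciding whether a given server is affected is a branch-aware comparison rather than a single "older than X" check. The following added example (written for this page, not Gallagher's tooling or the database's code) encodes the affected ranges from the description and triages a constructed inventory of hostnames and builds. It assumes versions are reported as numeric major.minor[.build]; a branch the advisory does not list (the made-up 9.40 entry below) is reported as unknown rather than silently treated as fixed.

```python
"""Flag Command Centre Server builds in the ranges CVE-2025-46406 lists as
affected. Editor-written example; version strings are assumed to be numeric
major.minor[.build]."""
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# First fixed build per release branch, as stated in the advisory.
FIXED_BUILDS: Dict[Tuple[int, int], Version] = {
    (9, 30): (9, 30, 1874),  # 9.30 MR1
    (9, 20): (9, 20, 2337),  # 9.20 MR3
    (9, 10): (9, 10, 3194),  # 9.10 MR6
    (9, 0): (9, 0, 3371),    # 9.00 MR7
}
# Every 8.90 release and anything earlier is affected and has no fixed build.
LAST_UNFIXED_BRANCH = (8, 90)


def parse_version(text: str) -> Version:
    """Turn '9.20.2337' into (9, 20, 2337); reject anything non-numeric."""
    parts = text.strip().split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> Optional[bool]:
    """True/False per the advisory; None when the branch is not listed."""
    v = parse_version(version)
    branch = (v[0], v[1])
    if branch <= LAST_UNFIXED_BRANCH:
        return True
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return None  # branch not covered by the advisory: consult the vendor
    # A bare 'major.minor' with no build compares below the fixed build, so an
    # unspecified build is treated as unpatched rather than assumed safe.
    return v < fixed


def triage(inventory: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Group (host, version) pairs into affected / fixed / unknown buckets."""
    buckets: Dict[str, List[str]] = {"affected": [], "fixed": [], "unknown": []}
    for host, version in inventory:
        result = is_affected(version)
        key = "unknown" if result is None else ("affected" if result else "fixed")
        buckets[key].append(host)
    return buckets


# Constructed sample inventory: hostnames and builds are made up for the example.
SAMPLE_INVENTORY = [
    ("cc-hq-01", "9.30.1874"),   # exactly the fixed build
    ("cc-hq-02", "9.30.1850"),   # below MR1
    ("cc-site-a", "9.20.2337"),  # exactly MR3
    ("cc-site-b", "9.10.3100"),  # below MR6
    ("cc-legacy", "8.90.1200"),  # 8.90: always affected
    ("cc-lab", "9.40.100"),      # branch not in the advisory
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

The unknown bucket is deliberate: an inventory script that maps every unlisted branch to "fixed" will hide servers the advisory simply did not cover.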


Technical Details

Data Version
5.1
Assigner Short Name
Gallagher
Date Reserved
2025-06-17T02:18:59.193Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686f307ca83201eaaca4840e

Added to database: 7/10/2025, 3:16:12 AM

Last enriched: 7/10/2025, 3:32:39 AM

Last updated: 8/15/2025, 7:12:00 PM
