CVE-2025-46406: CWE-270 Privilege Context Switching Error in Gallagher Command Centre Server
A Privilege Context Switching Error (CWE-270) in the Command Centre Server could allow a privileged Operator with high-level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), and all versions of 8.90 and prior.
AI Analysis
Technical Summary
CVE-2025-46406 is a medium-severity vulnerability classified under CWE-270 (Privilege Context Switching Error) affecting Gallagher's Command Centre Server, a security management platform used for access control and security operations. The vulnerability arises from improper enforcement of privilege boundaries between Divisions within the system. Specifically, a privileged Operator with high-level access in one Division could exploit this flaw to perform limited privileged actions across Division boundaries, which should normally be isolated. This cross-division privilege escalation undermines the principle of least privilege and segmentation within the Command Centre Server environment. The affected versions include all releases prior to 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6), 9.00.3371 (MR7), and all versions of 8.90 and earlier. The CVSS v3.1 base score is 5.6, reflecting a medium severity with an attack vector limited to local access (AV:L), requiring low attack complexity (AC:L), low privileges (PR:L), and user interaction (UI:R). The impact primarily affects integrity (I:H) with limited availability impact (A:L) and no confidentiality impact (C:N). No known exploits are currently reported in the wild, and no official patches or mitigation links were provided at the time of publication. This vulnerability could allow unauthorized modification of security configurations or policies across Divisions, potentially leading to unauthorized access or control within the security management system.
Potential Impact
For European organizations, especially those in critical infrastructure, government, or large enterprises using Gallagher Command Centre Server for physical security management, this vulnerability poses a risk of unauthorized privilege escalation across organizational boundaries. The ability for an operator to perform privileged actions beyond their authorized Division could lead to unauthorized access to sensitive areas, manipulation of access control policies, or disruption of security monitoring. This could compromise physical security, lead to data breaches, or facilitate insider threats. The impact is heightened in environments with strict segmentation requirements, such as multi-tenant facilities or organizations with compartmentalized security zones. Although exploitation requires local access and user interaction, the risk remains significant where operators have legitimate access to the system but should be restricted to specific Divisions. The lack of confidentiality impact reduces the risk of data leakage, but the integrity and availability of security controls could be compromised, potentially undermining trust in the security infrastructure.
Mitigation Recommendations
European organizations should prioritize upgrading Gallagher Command Centre Server to the fixed versions: 9.30.1874 (MR1), 9.20.2337 (MR3), 9.10.3194 (MR6), or 9.00.3371 (MR7) as applicable. Until patches are available or applied, organizations should enforce strict operational controls such as limiting the number of privileged Operators with cross-Division access, implementing robust monitoring and auditing of privileged actions, and employing multi-factor authentication to reduce the risk of unauthorized use. Segmentation of administrative duties and regular review of operator privileges can help detect and prevent abuse. Additionally, organizations should conduct targeted security awareness training to ensure Operators understand the risks of cross-Division privilege misuse. Network-level controls can be used to restrict access to the Command Centre Server management interfaces to trusted hosts and networks. Finally, organizations should maintain close communication with Gallagher for updates and advisories regarding this vulnerability and any forthcoming patches or mitigations.
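The monitoring and privilege-review controls recommended above, as an added example that is not part of the advisory and does not use Gallagher's own audit format: a constructed operator-to-Division assignment table and constructed audit lines are checked for privileged actions that cross a Division boundary, and operators holding access in more than one Division are listed for review. The field layout, action names and Division names are all assumptions.

```python
from dataclasses import dataclass

# Constructed (hypothetical) operator -> Division assignments.
OPERATOR_DIVISIONS = {
    "alice": {"Division-North"},
    "bob": {"Division-South"},
    "carol": {"Division-North", "Division-South"},  # legitimately cross-Division
}

# Actions treated as privileged for this check (constructed list).
PRIVILEGED_ACTIONS = {"modify_access_group", "change_door_schedule", "edit_operator"}

# Constructed audit lines: timestamp | operator | action | target Division
SAMPLE_AUDIT = """\
2025-07-10T03:10:00Z|alice|view_event|Division-North
2025-07-10T03:11:30Z|alice|modify_access_group|Division-South
2025-07-10T03:12:05Z|bob|change_door_schedule|Division-South
2025-07-10T03:13:40Z|carol|edit_operator|Division-South
2025-07-10T03:14:10Z|bob|edit_operator|Division-North
"""


@dataclass(frozen=True)
class Finding:
    timestamp: str
    operator: str
    action: str
    target_division: str


def parse_audit(text):
    """Yield (timestamp, operator, action, division) tuples, skipping blank lines."""
    for line in text.splitlines():
        if line.strip():
            yield tuple(line.split("|", 3))


def cross_division_findings(audit_text, assignments=OPERATOR_DIVISIONS,
                            privileged=PRIVILEGED_ACTIONS):
    """Flag privileged actions whose target Division is outside the operator's assignment."""
    findings = []
    for ts, operator, action, division in parse_audit(audit_text):
        if action in privileged and division not in assignments.get(operator, set()):
            findings.append(Finding(ts, operator, action, division))
    return findings


def multi_division_operators(assignments=OPERATOR_DIVISIONS):
    """Privilege-review helper: operators holding access in more than one Division."""
    return sorted(op for op, divs in assignments.items() if len(divs) > 1)
```

On the sample lines the check flags alice's change in Division-South and bob's operator edit in Division-North, while carol's action passes because she is assigned to both Divisions.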
Affected Countries
United Kingdom, Germany, France, Netherlands, Sweden, Norway, Switzerland, Belgium, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Gallagher
- Date Reserved: 2025-06-17T02:18:59.193Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 686f307ca83201eaaca4840e
Added to database: 7/10/2025, 3:16:12 AM
Last enriched: 7/10/2025, 3:32:39 AM
Last updated: 8/3/2025, 12:37:27 AM