
CVE-2025-47699: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere in Gallagher Command Centre Server

Severity: Critical
Type: Vulnerability
Tags: CVE-2025-47699, CWE-497
Published: Thu Oct 23 2025 (10/23/2025, 03:38:46 UTC)
Source: CVE Database V5
Vendor/Project: Gallagher
Product: Command Centre Server

Description

Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.

AI-Powered Analysis

Last updated: 10/23/2025, 04:08:30 UTC

Technical Analysis

CVE-2025-47699 is a critical security vulnerability identified in the Gallagher Command Centre Server, specifically related to the Gallagher Morpho biometric integration. The issue is classified under CWE-497, which pertains to the exposure of sensitive system information to an unauthorized control sphere. This vulnerability allows an authenticated operator, who normally has limited site permissions, to escalate their control and make critical unauthorized changes to local Morpho biometric devices. The affected versions include all releases prior to vEL9.30.2482 (MR2) for version 9.30, vEL9.20.2819 (MR4) for 9.20, vEL9.10.3672 (MR7) for 9.10, vEL9.00.3831 (MR8) for 9.00, and all versions of 8.90 and earlier. The vulnerability is remotely exploitable (AV:N) with low attack complexity (AC:L), requiring only privileges of a limited authenticated operator (PR:L), and no user interaction (UI:N). The scope is changed (S:C), meaning the vulnerability affects components beyond the initially compromised security scope. The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), reflecting the potential for significant unauthorized access and control over biometric devices, which are critical for physical security enforcement. Although no known exploits are currently reported in the wild, the severity and ease of exploitation make this a high-risk vulnerability for organizations using Gallagher Command Centre Server in their security infrastructure.

Potential Impact

For European organizations, the impact of CVE-2025-47699 is substantial due to the critical role Gallagher Command Centre Server plays in managing physical security systems, including biometric access controls via Morpho devices. Unauthorized changes to these devices could lead to unauthorized physical access, compromising sensitive facilities such as government buildings, data centers, transportation hubs, and critical infrastructure. This could result in data breaches, sabotage, theft, or disruption of operations. The high CVSS score reflects the potential for complete compromise of the biometric authentication system, undermining trust in physical security controls. Organizations relying on Gallagher systems for compliance with security regulations may face legal and reputational consequences if exploited. The vulnerability also increases insider threat risks, as operators with limited permissions could escalate privileges and bypass security policies. Given the interconnected nature of physical and cybersecurity, exploitation could facilitate further cyber intrusions or lateral movement within enterprise networks.

Mitigation Recommendations

To mitigate CVE-2025-47699, European organizations should prioritize upgrading Gallagher Command Centre Server to the fixed versions: vEL9.30.2482 (MR2) or later for 9.30, vEL9.20.2819 (MR4) or later for 9.20, vEL9.10.3672 (MR7) or later for 9.10, and vEL9.00.3831 (MR8) or later for 9.00. For versions 8.90 and earlier, immediate upgrade or replacement is critical. Until patches are applied, organizations should restrict operator permissions rigorously, ensuring that only fully trusted personnel have access to Morpho device configurations. Implement strict role-based access controls (RBAC) and monitor logs for unusual configuration changes or access patterns. Employ network segmentation to isolate Command Centre Servers and biometric devices from general IT networks, reducing attack surface exposure. Conduct regular audits of physical security device configurations and operator activities. Additionally, consider deploying intrusion detection systems (IDS) tailored to detect anomalous commands or configuration changes in the Gallagher environment. Establish incident response plans specifically addressing physical security system compromises. Engage with Gallagher support for any available interim mitigations or guidance.


Technical Details

Data Version
5.1
Assigner Short Name
Gallagher
Date Reserved
2025-06-17T02:18:59.279Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68f9a9e6102015466a330ffa

Added to database: 10/23/2025, 4:07:02 AM

Last enriched: 10/23/2025, 4:08:30 AM

Last updated: 10/23/2025, 8:08:20 AM

