
CVE-2025-48430: CWE-248 Uncaught Exception in Gallagher Command Centre Server

Severity: Medium
Tags: Vulnerability, CVE-2025-48430, CWE-248
Published: Thu Oct 23 2025 (10/23/2025, 03:39:31 UTC)
Source: CVE Database V5
Vendor/Project: Gallagher
Product: Command Centre Server

Description

Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.

AI-Powered Analysis

AILast updated: 10/23/2025, 04:09:09 UTC

Technical Analysis

CVE-2025-48430 identifies a vulnerability in Gallagher's Command Centre Server, a widely used physical security management platform. The issue arises from an uncaught exception (classified under CWE-248) that can be deliberately triggered by an authorized and privileged operator, causing the server process to crash and become unavailable. The affected versions are 9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), and all versions 8.90 and earlier. The vulnerability does not expose confidential data or allow unauthorized changes, but it results in a denial-of-service (DoS) condition affecting system availability. Exploitation requires local access with privileges (AV:L, PR:L) and no user interaction beyond the operator's own actions. The CVSS v3.1 base score is 5.5, reflecting medium severity because the scope and impact are limited to availability. No public exploits are currently known, and no patches were linked at the time of publication, so affected organizations should track vendor releases and apply the fixed versions promptly once available. A crash of this server could disrupt physical security operations, delaying incident response or causing temporary loss of monitoring capability.

Potential Impact

For European organizations, the primary impact is on the availability of physical security management systems relying on Gallagher Command Centre Server. A successful exploitation could lead to denial-of-service conditions, temporarily disabling security monitoring and control functions. This disruption could increase the risk of unauthorized physical access or delayed incident response, especially in critical infrastructure sectors such as transportation, energy, government facilities, and large enterprises. While confidentiality and integrity remain unaffected, the availability loss could have cascading effects on operational continuity and safety. Organizations with stringent physical security requirements or regulatory compliance obligations may face operational and reputational risks if the vulnerability is exploited. The requirement for privileged operator access limits the attack surface but underscores the importance of strict access controls and monitoring of privileged users.

Mitigation Recommendations

1. Apply vendor-supplied patches immediately once they become available for the affected versions of Gallagher Command Centre Server.
2. Restrict privileged operator access to trusted and trained personnel only, implementing the principle of least privilege.
3. Monitor operator activities and audit logs for unusual or unauthorized attempts to trigger server functions that could lead to crashes.
4. Implement redundancy and failover mechanisms for Command Centre Server deployments to maintain availability during potential service disruptions.
5. Conduct regular security training for operators to raise awareness about the risks of triggering system exceptions.
6. Isolate the Command Centre Server environment to limit local access to authorized personnel and reduce the risk of insider threats.
7. Engage with Gallagher support to obtain timely updates and guidance on vulnerability remediation and best practices.


Technical Details

Data Version: 5.1
Assigner Short Name: Gallagher
Date Reserved: 2025-06-17T02:18:59.246Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68f9a9e6102015466a331000

Added to database: 10/23/2025, 4:07:02 AM

Last enriched: 10/23/2025, 4:09:09 AM

Last updated: 10/23/2025, 8:08:13 AM
