CVE-2025-48430 is a vulnerability classified under CWE-248 (Uncaught Exception) found in Gallagher's Command Centre Server, a widely used physical security management platform. The flaw allows an authorized and privileged operator to intentionally cause the server to crash by triggering an uncaught exception, resulting in a denial-of-service (DoS) condition. This vulnerability affects multiple versions of the Command Centre Server, specifically versions 8.90 and prior, as well as 9.00, 9.10, 9.20, and 9.30 prior to their respective maintenance releases (MR8, MR7, MR4, MR2). The CVSS v3.1 base score is 5.5, indicating a medium severity level. The attack vector is local (AV:L), requiring low attack complexity (AC:L) and privileges (PR:L), but no user interaction (UI:N). The impact is limited to availability (A:H) with no confidentiality or integrity impact. The vulnerability arises because the server software does not properly handle certain exceptions, allowing a privileged operator to crash the service at will. No public exploits have been reported yet, but the vulnerability could disrupt physical security operations by causing service outages. The lack of patch links suggests that fixes are either pending or distributed through vendor channels. Organizations relying on Gallagher Command Centre Server for access control and security monitoring should prioritize patching and access controls to mitigate risk.

The primary impact of CVE-2025-48430 is on the availability of the Gallagher Command Centre Server, which is critical for managing physical security infrastructure such as access control, alarms, and surveillance integration. A successful exploitation by a privileged operator can cause a denial-of-service, potentially disabling security monitoring and control functions temporarily. For European organizations, this could lead to operational disruptions, increased security risks, and compliance issues, especially in sectors like government, critical infrastructure, finance, and transportation where physical security is paramount. Although confidentiality and integrity are not directly affected, the loss of availability could indirectly increase risk exposure by preventing timely responses to security incidents. The requirement for privileged access limits the threat to insider misuse or compromised credentials, but insider threats remain a significant concern. The absence of known exploits reduces immediate risk but does not eliminate the potential for future attacks. Organizations may face reputational damage and regulatory scrutiny if physical security systems are disrupted due to this vulnerability.

1. Apply official patches or maintenance releases from Gallagher as soon as they become available for affected Command Centre Server versions. 2. Restrict privileged operator accounts strictly to trusted personnel and enforce the principle of least privilege to reduce the risk of intentional or accidental exploitation. 3. Implement robust monitoring and alerting for unusual activity or repeated crashes of the Command Centre Server to detect potential exploitation attempts early. 4. Conduct regular audits of privileged access and review logs to identify any misuse or anomalous behavior. 5. Consider network segmentation and access controls to limit who can reach the Command Centre Server management interfaces. 6. Develop and test incident response plans specifically addressing physical security system outages to minimize operational impact. 7. Engage with Gallagher support to confirm patch availability and receive guidance on secure configuration best practices. 8. Educate privileged users on the risks of misuse and enforce strict operational procedures to prevent intentional crashes. 9. Maintain up-to-date backups and failover capabilities for the Command Centre Server to enable rapid recovery from outages. 10. Coordinate with physical security teams to ensure continuity of security operations during potential downtime.