CNNVD-202510-3280 Information

Oct 23, 2025 cve

CNNVD ID

CNNVD-202510-3280

CVE-2025-41402

  • CNNVD Published: 2025-10-23

Description (Chinese)

Gallagher Command Centre Server是新西兰Gallagher公司的一个用于对建筑物内基础设施进行监控、管理的管理系统。 Gallagher Command Centre Server存在安全漏洞,该漏洞源于客户端强制实施服务器端安全机制不当,可能导致特权操作员绕过过期检查输入无效能力数据。以下版本受到影响:9.30版本至vEL9.30.2482之前版本、9.20版本至vEL9.20.2819之前版本、9.10版本至vEL9.10.3672之前版本和9.00及之前所有版本。

Description (English)

Gallagher Command Centre Server is a management system for the control and management of building infrastructure at Gallagher, New Zealand. Gallagher Command Centre Server has a security loophole, which stems from inappropriate server end-to-end security mechanisms imposed by the client, which may result in privileged operators circumventing expired check to enter invalid capability data. The following versions are affected: 9.30 to vEL9.30.2482, 9.20 to vEL9.20.2819, 9.10 to vEL9.10.3672 and 9.00 and all before.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Gallagher

Published

2025-10-23

Last Modified

2026-02-24

References

https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-41402

Patch

https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-41402

Share on: