Skip to main content

Command Centre Server EUVDEUVD-2026-42000

| CVE-2026-26053 MEDIUM
Incorrect Privilege Assignment (CWE-266)
2026-07-07 Gallagher GHSA-j55v-w58w-8mxc
5.3
CVSS 3.1 · Vendor: Gallagher
Share

Severity by source

Vendor (Gallagher) PRIMARY
5.3 MEDIUM
AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
vuln.today AI
5.3 MEDIUM

Requires authenticated low-privilege operator account (PR:L) and specific complex conditions (AC:H); only server-side integrity is impacted with no confidentiality or availability consequence.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
4.0 AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Gallagher).

CVSS VectorVendor: Gallagher

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jul 07, 2026 - 05:19 vuln.today

DescriptionCVE.org

An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1), 9.40 prior to vEL9.40.3130(MR3), 9.30 prior to vEL9.30.3983(MR5), 9.20 prior to vEL9.20.4349(MR7), all versions of 9.10.

AnalysisAI

Incorrect privilege assignment in Gallagher Command Centre Server permits an authenticated low-privilege operator to execute operations restricted to higher-privilege roles, enabling unauthorized integrity impacts on physical security configurations. Affected versions span the 9.10 through 9.50 release lines, with patches available for 9.20-9.50 but no fix for the fully end-of-support 9.10 branch. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege operator credentials
Delivery
Authenticate to Command Centre Server
Exploit
Identify restricted operation endpoint
Execution
Satisfy high-complexity exploitation condition
Persist
Invoke privileged operation beyond authorized role
Impact
Modify access control or alarm configuration

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session with at least a low-privilege operator role on the Gallagher Command Centre Server (confirmed by PR:L in the CVSS vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The NVD CVSS 5.3 score reflects the constrained exploitability: AV:N acknowledges network reachability, but AC:H and PR:L together require both a valid operator credential and specific exploitation conditions to be satisfied simultaneously. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker holding a low-privilege Command Centre operator account - whether an insider, a compromised service account, or a contractor with limited access - crafts a specific sequence of server-side requests that satisfies the high-complexity trigger condition and exploits the incorrect privilege assignment to perform a privileged operation, such as modifying cardholder access rights, altering door unlock schedules, or changing alarm configurations beyond their authorized scope. No public exploit code exists at time of analysis, and the precise trigger mechanism is not publicly disclosed, meaning exploitation currently requires non-trivial knowledge of the platform internals.
Remediation Vendor-released patches are available: upgrade to vEL9.50.1587(MR1) on the 9.50 branch, vEL9.40.3130(MR3) on 9.40, vEL9.30.3983(MR5) on 9.30, or vEL9.20.4349(MR7) on 9.20, as confirmed in the Gallagher advisory at https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-26053. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-42000 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy