CVE-2026-25193

Summary

Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure.  Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.

Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.

Affected Software

VendorProductVersion RangeStatus
GallagherCommand Centre Server9.40 < 9.40.2575 (MR2)affected
GallagherActive Directory Sync0 < 9.10.05affected
GallagherCardholder Sync Utility0 < 9.30.104affected
GallagherDiagnostics Service0 < 2.0.9affected
GallagherElevator Service0 < 10.0.8affected
GallagherEncoding Kiosk Application0 < 9.60.10affected
GallagherEntra ID Sync1.0 < 1.0.10affected
GallagherEntra ID Sync2.0 < 2.0.5affected
GallagherEvent Sync Utility0 < 8.70.62affected
GallagherEvent Logger0 < 8.90.16affected
GallagherMiddleware Framework0 < 8.90.34affected
GallagherNexudus Integration0 < 9.60.21affected
GallagherOkta Sync0 < 9.40.05affected
GallagherPapercut Interface Integration0 < 9.60.02affected
GallagherSIP Integration0 < 10.1.0affected

Weaknesses

  • CWE-532: CWE-532 Insertion of sensitive information into log file

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References