Denial of Service Vulnerability in Gallagher Controllers 6000 and 7000
CVE-2023-22439

3.1LOW

Key Information:

Vendor: Gallagher
Status: Controller 6000/ Controller 7000
Vendor: CVE Published:; 18 December 2023

What is CVE-2023-22439?

A vulnerability has been identified in the Gallagher Controllers 6000 and 7000, which arises from improper input validation of large HTTP requests in the optional diagnostic web interface (Port 80). This vulnerability can be exploited to cause a Denial of Service, affecting accessibility to the diagnostic web interface. Products affected include various versions of Controller 6000 and 7000 prior to specific updates, underscoring the importance of keeping firmware up to date to protect against such security threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Controller 6000/ Controller 7000 0 <= 8.50

Controller 6000/ Controller 7000 8.90

Controller 6000/ Controller 7000 8.80

References

https://security.gallagher.com/Security-Advisories/CVE-20...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 18, 2023
Vulnerability Reserved
Feb 3, 2023

Credit

Sebastian Toscano of Amazon Security

Kevin Schaller of Amazon Security

JSON

Gallagher

What is CVE-2023-22439?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.