Privilege Context Switching Error in Command Center Server by Gallagher
CVE-2025-46406

5.6MEDIUM

Key Information:

Vendor: Gallagher
Status: Command Centre Server
Vendor: CVE Published:; 10 July 2025

What is CVE-2025-46406?

A Privilege Context Switching Error has been identified in the Command Center Server developed by Gallagher. This vulnerability allows an operator with high-level access in one division to perform limited privileged operations across the boundaries of the division. This issue can lead to unauthorized access and potential manipulation of resources that are intended for specific divisions. It is critical for organizations using affected versions to implement recommended security patches and updates to mitigate risks associated with this vulnerability.

Affected Version(s)

Command Centre Server 0 <= 8.90

Command Centre Server 9.30 < 9.30.1874 (MR1)

Command Centre Server 9.20 < 9.20.2337 (MR3)

References

https://security.gallagher.com/en-NZ/Security-Advisories/...

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2025
Vulnerability Reserved
Jun 17, 2025