Cleartext Storage Vulnerability in Command Centre Mobile Client by Gallagher
CVE-2025-47147

5.7MEDIUM

Key Information:

Vendor: Gallagher
Status: Command Centre Mobile Client
Vendor: CVE Published:; 3 March 2026

What is CVE-2025-47147?

A vulnerability exists in the Command Centre Mobile Client for Android and iOS where sensitive information is stored in cleartext. This allows an attacker with access to a logged-in operator's mobile device to extract session tokens, potentially leading to exploitation of the application's access for a limited period. This issue impacts versions prior to 9.40.123, emphasizing the need for users to update to secure their sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Command Centre Mobile Client Android 9.40

References

https://security.gallagher.com/en-NZ/Security-Advisories/...

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 3, 2026
Vulnerability Reserved
Jun 17, 2025

JSON

Gallagher

What is CVE-2025-47147?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.