Incorrect Privilege Assignment Vulnerability in Gallagher Command Centre Server
CVE-2026-26053

5.3MEDIUM

Key Information:

Vendor

Gallagher

Vendor
CVE Published:
7 July 2026

What is CVE-2026-26053?

An incorrect privilege assignment vulnerability exists in Gallagher's Command Centre Server that allows an authenticated operator with limited privileges to carry out operations beyond their authorization. This flaw could enable users to access functions typically restricted to higher-level accounts, posing serious risks to system integrity and security. Affected versions include various iterations of the Command Centre Server prior to specific updates.

Affected Version(s)

Command Centre Server 9.10

Command Centre Server 9.50

Command Centre Server 9.40

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.