CVE-2025-46406— Gallagher Command Centre Server 安全漏洞

N/A

A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L

特权上下文切换错误

Gallagher Command Centre Server 安全漏洞

Gallagher Command Centre Server是新西兰Gallagher公司的一个用于对建筑物内基础设施进行监控、管理的管理系统。 Gallagher Command Centre Server存在安全漏洞，该漏洞源于权限上下文切换错误，可能导致跨部门权限提升。以下版本受到影响：9.30之前版本、9.20之前版本、9.10之前版本、9.00之前版本和8.90及之前版本。

N/A

N/A