PT-2022-17656 · Gallagher · Gallagher Controller 6000

Published

2022-07-06

Updated

2022-07-14

CVE-2022-26078

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Gallagher Controller 6000 versions prior to 220303a

Description The Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address.

Recommendations For versions prior to 220303a, update to version 220303a or later to resolve the issue. As a temporary workaround, consider implementing network segmentation or restricting ARP packet traffic to minimize the risk of exploitation.

Fix

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

CVE-2022-26078

Affected Products

Gallagher Controller 6000

PT-2022-17656 · Gallagher · Gallagher Controller 6000

CVE-2022-26078

Weakness Enumeration

Related Identifiers

Affected Products

References · 5