PT-2025-43422 · Unknown · Command Centre Server

Published

2025-10-23

Updated

2025-10-23

CVE-2025-41402

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Command Centre Server versions 9.00 and prior Command Centre Server versions 9.10 through 9.10.3672 Command Centre Server versions 9.20 through 9.20.2819 Command Centre Server versions 9.30 through 9.30.2482

Description A flaw exists in the Command Centre Server related to client-side enforcement of server-side security. A privileged operator can input incorrect competency data, which circumvents expiry checks.

Recommendations Update Command Centre Server to a version later than 9.00. Update Command Centre Server to a version later than 9.10.3672. Update Command Centre Server to a version later than 9.20.2819. Update Command Centre Server to a version later than 9.30.2482.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-602

Related Identifiers

CVE-2025-41402

Affected Products

Command Centre Server

PT-2025-43422 · Unknown · Command Centre Server

CVE-2025-41402

Weakness Enumeration

Related Identifiers

Affected Products

References · 6