PT-2026-22717 · Gallagher · Hanwha Vms+1

Published

2026-03-03

Updated

2026-03-03

CVE-2026-20801

CVSS v3.1

5.6

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Gallagher NxWitness VMS integration versions prior to 9.10.017 Gallagher Hanwha VMS integration versions prior to 9.10.025

Description A component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams due to cleartext transmission of sensitive information.

Recommendations Update Gallagher NxWitness VMS integration to version 9.10.017 or later. Update Gallagher Hanwha VMS integration to version 9.10.025 or later.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2026-20801

Affected Products

Hanwha Vms

Nxwitness Vms

PT-2026-22717 · Gallagher · Hanwha Vms+1

CVE-2026-20801

Weakness Enumeration

Related Identifiers

Affected Products

References · 7