PT-2026-43004 · Gallagher · Command Centre Server

Published

2026-05-25

·

Updated

2026-05-25

·

CVE-2026-25193

CVSS v3.1

8.1

High

VectorAV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H
Name of the Vulnerable Software and Affected Versions Command Centre Service (affected versions not specified)
Description Some installers for Command Centre Service improperly insert sensitive information into log files, which could lead to the exposure of Service Account credentials. This issue specifically impacts sites that install the services using a custom Service Account rather than the default Network Service account.
Recommendations Change the Service Account password. Delete installer log files, typically located in %programdata%GallagherCommand Centre.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-25193

Affected Products

Command Centre Server