PT-2026-43004 · Gallagher · Command Centre Server
Published
2026-05-25
·
Updated
2026-05-25
·
CVE-2026-25193
CVSS v3.1
8.1
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Command Centre Service (affected versions not specified)
Description
Some installers for Command Centre Service improperly insert sensitive information into log files, which could lead to the exposure of Service Account credentials. This issue specifically impacts sites that install the services using a custom Service Account rather than the default Network Service account.
Recommendations
Change the Service Account password.
Delete installer log files, typically located in
%programdata%GallagherCommand Centre.Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Command Centre Server