CVE-2026-25193
published 2026-05-25

CVE-2026-25193: Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure…

Priority: P3 37 high | 8.1 CVSS 3.1
Vector: AV:L / AC:L / PR:L / UI:R / S:C / C:L / I:H / A:H
EPSS: 0.13% (3.1th percentile)
Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted. Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.

Affected

15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gallagher | active_directory_sync | < 9.10.05 | 9.10.05 |
| gallagher | cardholder_sync_utility | < 9.30.104 | 9.30.104 |
| gallagher | command_centre_server | >= 9.40 < 9.40.2575 (MR2) | 9.40.2575 (MR2) |
| gallagher | diagnostics_service | < 2.0.9 | 2.0.9 |
| gallagher | elevator_service | < 10.0.8 | 10.0.8 |
| gallagher | encoding_kiosk_application | < 9.60.10 | 9.60.10 |
| gallagher | entra_id_sync | >= 1.0 < 1.0.10 | 1.0.10 |
| gallagher | entra_id_sync | >= 2.0 < 2.0.5 | 2.0.5 |
| gallagher | event_logger | < 8.90.16 | 8.90.16 |
| gallagher | event_sync_utility | < 8.70.62 | 8.70.62 |
| gallagher | middleware_framework | < 8.90.34 | 8.90.34 |
| gallagher | nexudus_integration | < 9.60.21 | 9.60.21 |
| gallagher | okta_sync | < 9.40.05 | 9.40.05 |
| gallagher | papercut_interface_integration | < 9.60.02 | 9.60.02 |
| gallagher | sip_integration | < 10.1.0 | 10.1.0 |

CVSS provenance

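| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
| cvelistv5 | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
| vendor_oracle | | 5.5 | MEDIUM | |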