CVE-2026-25193
published 2026-05-25
CVE-2026-25193: Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure…
Priority P337 · high · 8.1 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H
EPSS: 0.13% (3.1th percentile)
Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure.
Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.
Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gallagher | active_directory_sync | < 9.10.05 | 9.10.05 |
| gallagher | cardholder_sync_utility | < 9.30.104 | 9.30.104 |
| gallagher | command_centre_server | >= 9.40 < 9.40.2575 (MR2) | 9.40.2575 (MR2) |
| gallagher | diagnostics_service | < 2.0.9 | 2.0.9 |
| gallagher | elevator_service | < 10.0.8 | 10.0.8 |
| gallagher | encoding_kiosk_application | < 9.60.10 | 9.60.10 |
| gallagher | entra_id_sync | >= 1.0 < 1.0.10 | 1.0.10 |
| gallagher | entra_id_sync | >= 2.0 < 2.0.5 | 2.0.5 |
| gallagher | event_logger | < 8.90.16 | 8.90.16 |
| gallagher | event_sync_utility | < 8.70.62 | 8.70.62 |
| gallagher | middleware_framework | < 8.90.34 | 8.90.34 |
| gallagher | nexudus_integration | < 9.60.21 | 9.60.21 |
| gallagher | okta_sync | < 9.40.05 | 9.40.05 |
| gallagher | papercut_interface_integration | < 9.60.02 | 9.60.02 |
| gallagher | sip_integration | < 10.1.0 | 10.1.0 |
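CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
| cvelistv5 | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
| vendor_oracle | | 5.5 | MEDIUM | |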
GHSA
GHSA-5p63-2cwc-2x43: Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposur
ghsa_unreviewed·2026-05-26
CVE-2026-25193 [HIGH] CWE-532 GHSA-5p63-2cwc-2x43: Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposur
CVEList
CVE-2026-25193: Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposur
cvelistv5·2026-05-25·CVSS 8.1
CVE-2026-25193 [HIGH] CWE-532 CVE-2026-25193: Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposur
VulDB
Gallagher Command Centre Server log file (EUVD-2026-31636)
vuldb·2026-05-25
CVE-2026-25193 [LOW] Gallagher Command Centre Server log file (EUVD-2026-31636)
A vulnerability was found in Gallagher Command Centre Server, Active Directory Sync, Cardholder Sync Utility, Diagnostics Service, Elevator Service, Encoding Kiosk Application, Entra ID Sync, Event Sync Utility, Event Logger, Middleware Framework, Nexudus Integration, Okta Sync, Papercut Interface Integration and SIP Integration and classified as problematic. Affected is an unknown function. Such manipulation leads to sensitive information in log files.
This vulnerability is traded as CVE-2026-25193. An attack has to be approached locally. There is no exploit available.
It is suggested to upgrade the affected component.
Oracle
Oracle Oracle Communications Risk Matrix: Security (Netty) — CVE-2025-25193
vendor_oracle·2026-01-15·CVSS 5.5
CVE-2025-25193 [MEDIUM] Oracle Oracle Communications Risk Matrix: Security (Netty) — CVE-2025-25193
Oracle Oracle Communications Risk Matrix: Security (Netty) vulnerability
CVE: CVE-2025-25193
CVSS: 5.5
Protocol: None
Remote exploit: No
Affected versions: Local
Advisory: cpujan2026 (JAN 2026)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-05-25