CVE-2024-42407

8.5 HIGH

📋 TL;DR

This vulnerability in Gallagher Command Centre's Alarm Transmitter feature allows authenticated operators to view sensitive security information they shouldn't have access to, due to improper logging practices. It affects Command Centre Server versions 8.80 and earlier, plus specific vulnerable versions of 8.90, 9.00, and 9.10. Attackers need operator-level authentication to exploit this information disclosure flaw.

💻 Affected Systems

Products:
  • Gallagher Command Centre Server
Versions: Command Centre Server 9.10 prior to 9.10.2149 (MR4), 9.00 prior to 9.00.2374 (MR5), 8.90 prior to 8.90.2356 (MR6), all versions of 8.80 and prior
Operating Systems: Windows Server (typical deployment)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Alarm Transmitter feature specifically. Requires operator authentication to exploit.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

An authenticated malicious operator could access highly sensitive security information (potentially including credentials, system configurations, or access control data) and use it to escalate privileges, bypass security controls, or facilitate further attacks.

🟠 Likely Case

An operator with legitimate access but insufficient permissions could accidentally or intentionally view sensitive operational data they shouldn't see, potentially violating security policies or compliance requirements.

🟢 If Mitigated

With proper access controls and monitoring, the impact is limited to information disclosure within the operator role scope, though sensitive data exposure still represents a security policy violation.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated operator access. The vulnerability involves accessing improperly logged sensitive information through normal operator interface functions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.10.2149 (MR4), 9.00.2374 (MR5), 8.90.2356 (MR6), or upgrade from 8.80 to a supported version

Vendor Advisory: https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-42407

Restart Required: Yes

Instructions:

  1. Download the appropriate patch from the Gallagher support portal.
  2. Back up the Command Centre configuration and database.
  3. Apply the patch following Gallagher's installation guide.
  4. Restart the Command Centre service.
  5. Verify the patch version in the Command Centre About dialog.

🔧 Temporary Workarounds

Restrict Operator Access
Applies to: all

Limit operator accounts to only those with a legitimate need for Alarm Transmitter functionality

Enhanced Log Monitoring
Applies to: all

Implement strict monitoring of operator access to Alarm Transmitter logs and alert on unusual access patterns

🧯 If You Can't Patch

  • Implement strict principle of least privilege for all operator accounts
  • Enable detailed audit logging for all operator access to Alarm Transmitter features and review regularly

🔍 How to Verify

Check if Vulnerable:

Check the Command Centre version in the Help > About dialog. If the version falls in an affected range (9.10 below 9.10.2149, 9.00 below 9.00.2374, 8.90 below 8.90.2356, or any 8.80 or earlier version), the system is vulnerable.

Check Version:

Check via the Command Centre GUI (Help > About), or query the Gallagher database if API access is available.

Verify Fix Applied:

Verify that the version shown is a patched build (9.10.2149 or later, 9.00.2374 or later, 8.90.2356 or later, or a branch newer than 8.80). Then test operator access to Alarm Transmitter logs to confirm that sensitive information is properly redacted.
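The version comparison above is easy to get wrong by hand across a fleet, because each branch has its own fixed build and 8.80 and earlier have no in-branch fix at all. The following script is an added example, not Gallagher's code; it encodes the affected ranges exactly as listed on this page and assumes version strings are written as major.minor.build (for example "9.10.2149"), which is how the advisory text writes them. The inventory lines and hostnames in it are constructed sample data.

```python
"""Version-range check for CVE-2024-42407 (Gallagher Command Centre Server).

Added example, not Gallagher's code. It encodes the affected ranges exactly
as this page lists them and assumes version strings look like "9.10.2149"
(major.minor.build), which is how the advisory text writes them.
"""
from __future__ import annotations

# First fixed build per release branch, from the page: 9.10.2149 (MR4),
# 9.00.2374 (MR5), 8.90.2356 (MR6). Keys are (major, minor).
FIXED_BUILDS: dict[tuple[int, int], int] = {
    (9, 10): 2149,
    (9, 0): 2374,
    (8, 90): 2356,
}

# 8.80 and every earlier branch are affected and have no in-branch fix.
LAST_UNFIXED_BRANCH = (8, 80)


def parse_version(text: str) -> tuple[int, int, int]:
    """Split 'major.minor.build' into ints; reject anything else loudly."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Command Centre version format: {text!r}")
    major, minor, build = (int(p) for p in parts)
    return major, minor, build


def assess(text: str) -> tuple[str, str | None]:
    """Return (status, first_fixed_version).

    status is 'vulnerable', 'fixed' or 'not_listed' (a branch the advisory
    does not mention, e.g. a release newer than those on this page).
    first_fixed_version is None when the branch has no in-branch fix.
    """
    major, minor, build = parse_version(text)
    branch = (major, minor)
    if branch <= LAST_UNFIXED_BRANCH:
        return "vulnerable", None  # only remedy: move to a supported branch
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return "not_listed", None
    fixed_version = f"{major}.{minor:02d}.{fixed}"
    return ("vulnerable" if build < fixed else "fixed"), fixed_version


def check_inventory(csv_text: str) -> list[tuple[str, str, str, str | None]]:
    """Run assess() over 'hostname,version' lines; blank lines are skipped."""
    rows = []
    for line in csv_text.splitlines():
        if not line.strip():
            continue
        host, version = (field.strip() for field in line.split(",", 1))
        status, fixed_version = assess(version)
        rows.append((host, version, status, fixed_version))
    return rows


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """\
cc-prod-01,9.10.2100
cc-prod-02,9.10.2149
cc-dr-01,8.80.1875
cc-lab-01,9.00.2374
"""

if __name__ == "__main__":
    for host, version, status, fixed_version in check_inventory(SAMPLE_INVENTORY):
        advice = ""
        if status == "vulnerable":
            advice = f"update to {fixed_version}" if fixed_version else "upgrade branch"
        print(f"{host:12} {version:12} {status:12} {advice}")
```

Branches the advisory does not mention are reported as `not_listed` rather than `fixed`, so a newer or unexpected release is flagged for a human to confirm against the vendor advisory instead of being silently treated as safe.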

📡 Detection & Monitoring

Log Indicators:

  • Multiple operator access attempts to Alarm Transmitter logs
  • Unusual patterns of log viewing by operators
  • Access to log files containing sensitive data markers

Network Indicators:

  • Increased traffic to log query endpoints from operator workstations

SIEM Query:

source="command_centre" AND (event_type="log_access" OR feature="alarm_transmitter") AND user_role="operator" AND result="success" | stats count by user, timestamp
