CVE-2024-43107
📋 TL;DR
CVE-2024-43107 is an improper certificate validation vulnerability in Gallagher's Milestone Integration Plugin that allows unauthenticated messages (including alarm events) to be sent to the plugin. This affects Gallagher MIPS Plugin v4.0 prior to v4.0.32 and all versions of v3.0 and earlier. Organizations using these versions for physical security integration are vulnerable.
💻 Affected Systems
- Gallagher Milestone Integration Plugin (MIP)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could inject false alarm events, manipulate security system responses, or potentially chain with other vulnerabilities to compromise physical security systems.
Likely Case
Unauthenticated attackers send spoofed alarm events to trigger false alerts or disrupt security monitoring operations.
If Mitigated
Limited to denial-of-service through false alarms if proper network segmentation and monitoring are in place.
🎯 Exploit Status
The vulnerability specifically allows unauthenticated messages, making exploitation straightforward for attackers with network access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v4.0.32 or later
Vendor Advisory: https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-43107
Restart Required: Yes
Instructions:
1. Download v4.0.32 or later from the Gallagher support portal.
2. Back up the current configuration.
3. Stop the MIP service.
4. Install the update.
5. Restart the MIP service.
6. Verify functionality.
🔧 Temporary Workarounds
Network Segmentation
Restrict network access to the MIP service to trusted systems only (Milestone servers and Gallagher Command Centre).
Firewall Rules
Implement strict firewall rules to limit inbound connections to the MIP service port (typically TCP 8080).
🧯 If You Can't Patch
- Implement strict network segmentation to isolate the MIP service from untrusted networks
- Monitor network traffic to the MIP service for unusual patterns or unauthorized connections
🔍 How to Verify
Check if Vulnerable:
Check the MIP version in the plugin interface or installation directory. Versions v4.0 prior to v4.0.32 or any v3.x are vulnerable.
Check Version:
Check the version in the MIP web interface or examine the installation directory for version information.
Verify Fix Applied:
Verify the version shows v4.0.32 or later in the MIP interface and test that only authenticated messages are accepted.
📡 Detection & Monitoring
Log Indicators:
- Unauthenticated connection attempts to MIP service
- Unexpected alarm events from unknown sources
- Failed certificate validation logs
Network Indicators:
- Unusual traffic patterns to MIP service port (typically 8080)
- Connections from unexpected IP addresses to MIP service
SIEM Query:
source_ip NOT IN (trusted_ips) AND dest_port=8080 AND protocol=TCP
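As an added example (not code from this page, Gallagher or Milestone), the SIEM query above applied to constructed firewall-style log lines, with placeholder addresses standing in for the Milestone server and Command Centre allowlist, together with a check of a MIP version string against the affected ranges stated in the TL;DR.

```python
import re
from typing import Iterable

# Port the page gives for the MIP service; adjust to the deployed value.
MIP_PORT = 8080

# Constructed allowlist (placeholder addresses): the Milestone server(s) and
# the Gallagher Command Centre host that legitimately talk to the plugin.
TRUSTED_IPS = {"10.0.1.10", "10.0.1.11", "10.0.2.20"}

# Constructed firewall-style log lines, not real Gallagher or Milestone output.
SAMPLE_LOG = """\
2024-09-02T10:15:01Z ACCEPT TCP 10.0.1.10:51234 -> 10.0.5.5:8080
2024-09-02T10:15:07Z ACCEPT TCP 10.0.2.20:51300 -> 10.0.5.5:8080
2024-09-02T10:16:42Z ACCEPT TCP 192.168.77.9:40022 -> 10.0.5.5:8080
2024-09-02T10:17:03Z ACCEPT UDP 192.168.77.9:40023 -> 10.0.5.5:8080
2024-09-02T10:18:19Z ACCEPT TCP 10.0.9.31:33011 -> 10.0.5.5:443
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>\S+) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def untrusted_mip_connections(lines: Iterable[str], trusted=TRUSTED_IPS, port=MIP_PORT):
    """The page's SIEM query (source_ip NOT IN trusted AND dest_port=8080 AND TCP)
    applied to log lines; returns (timestamp, source_ip) for each hit."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or unparseable lines instead of crashing
        if m["proto"] == "TCP" and int(m["dport"]) == port and m["src"] not in trusted:
            hits.append((m["ts"], m["src"]))
    return hits

def is_affected_version(version: str) -> bool:
    """Affected range as stated above: any v3.x or earlier release, and v4.0.x
    below v4.0.32. Other 4.x minors are outside the range the advisory names."""
    parts = [int(p) for p in version.lower().lstrip("v").split(".")]
    major, minor, patch = (parts + [0, 0, 0])[:3]
    return major < 4 or (major == 4 and minor == 0 and patch < 32)

if __name__ == "__main__":
    for ts, src in untrusted_mip_connections(SAMPLE_LOG.splitlines()):
        print(f"{ts} untrusted source {src} reached MIP port {MIP_PORT}")
    for v in ("v3.0.5", "v4.0.31", "v4.0.32"):
        print(v, "affected" if is_affected_version(v) else "outside affected range")
```

Only the TCP connection from the non-allowlisted host is reported; the UDP line and the connection to port 443 are ignored because the query is scoped to TCP on the MIP port.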