CVE-2025-44003
📋 TL;DR
A resource management vulnerability in Gallagher T-Series Readers allows attackers with physical access to cause limited denial of service when 125 kHz Card Technology is enabled. This affects T-Series Readers running vulnerable firmware versions. Physical proximity to the reader is required for exploitation.
💻 Affected Systems
- Gallagher T-Series Reader
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Physical attacker disables 125 kHz card reading functionality on affected readers, preventing access for users with those cards until system restart or recovery.
Likely Case
Limited denial of service affecting only 125 kHz card technology functionality on individual readers, requiring physical access and specific configuration.
If Mitigated
No impact if 125 kHz technology is disabled or physical access controls prevent unauthorized access to readers.
🎯 Exploit Status
Requires physical access to the reader device, and 125 kHz technology must be enabled. No authentication or special tools are required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: vCR9.20.250213a, vCR9.10.250213a, vCR9.00.250619a
Vendor Advisory: https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-44003
Restart Required: Yes
Instructions:
1. Download the appropriate firmware update from the Gallagher portal.
2. Apply the update to affected T-Series Readers via Gallagher Command Centre.
3. Restart the readers after the update completes.
🔧 Temporary Workarounds
Disable 125 kHz Card Technology
Disable the vulnerable 125 kHz functionality on affected readers
Configure via Gallagher Command Centre: Reader Configuration > Card Technologies > Disable 125 kHz
Enhance Physical Security
Implement additional physical security controls around reader installations
🧯 If You Can't Patch
- Disable 125 kHz Card Technology on all affected readers
- Implement enhanced physical security controls and monitoring around reader locations
🔍 How to Verify
Check if Vulnerable:
Check Gallagher Command Centre for reader firmware versions and verify if 125 kHz technology is enabled.
Check Version:
Check via Gallagher Command Centre: Device Management > Readers > Select Reader > Firmware Version
Verify Fix Applied:
Confirm firmware version shows patched version (vCR9.20.250213a, vCR9.10.250213a, or vCR9.00.250619a) in Gallagher Command Centre.
📡 Detection & Monitoring
Log Indicators:
- Reader restart events
- 125 kHz card technology errors or failures
- Unexpected reader offline events
Network Indicators:
- No network indicators - physical access required
SIEM Query:
Search for: 'T-Series Reader' AND ('restart' OR 'failure' OR '125kHz error') in Gallagher system logs