Security Advisories

Identifying vulnerabilities

Gallagher is committed to ensuring that we provide safe, secure and robust products to our customers. As technology changes and evolves, both our internal and third party penetration testers are constantly testing our products to find vulnerabilities.

View Security Advisories Flyer

Maintenance release

Vulnerabilities identified as critical are resolved promptly in all affected, supported versions* of Command Centre and a new version of Command Centre (a maintenance release) will be developed to address the vulnerability. Maintenance releases for a specific version of Command Centre are available to all licensed customers regardless of the customers Software Maintenance status with Gallagher.

Security Advisory

Security Advisories will be available on our website and will contain details of:

  • The severity (based on CVSS score system v3.1)
  • CVE identification number
  • Components affected (e.g. servers, workstations, controllers)
  • Versions of software that are affected
  • Any mitigations
  • Who the vulnerability was reported by
  • Whether we are aware of it being actively exploited
  • A description of the vulnerability
  • Which versions maintenance releases are available for

*supported versions include the current version and the three previous versions of Command Centre

CVE logo simplified-General Purpose


Hardening Guides

Want to ensure your system is configured to mitigate security threats? Request a copy of our hardening guides. These are available for Command Centre, Controller 6000 & Visitor Management Kiosk. These include information on best practice operating system configuration, card technologies and the impacts of legacy hardware. 

Request Hardening Guides

Current Security Advisories

Click here to read an overview of how we manage the disclosure and prioritization of vulnerabilities and our involvement with the CVE program.

 

Security Researcher Acknowledgements

Gallagher strongly values the efforts of security researchers, and would like to personally acknowledge the following individuals who have helped to strengthen Gallagher’s products and services through the responsible disclosure of security vulnerabilities.

Sharan K

M.Yaswanth

Sankalp Sandeep Paranjpe

Nikhil Rane

Ritik Jangra

Rupali Jain

Akash Rajendra Patil

kukurza

freedfr0md3sire

Fayaz Ahammad

Sebastian Toscano of Amazon Security

Kevin Schaller of Amazon Security

Stay up to date with Gallagher

Get the latest Gallagher news, updates, and event information delivered straight to your inbox.