CVE-2025-47699 in Command Centre Server
Summary
by MITRE • 10/23/2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Analysis
by VulDB Data Team • 10/26/2025
CVE-2025-47699 is an exposure of sensitive system information to an unauthorized control sphere, classified under CWE-497, which covers the unintentional disclosure of system information to parties outside the intended control sphere. The weakness sits in the Gallagher Morpho integration of Command Centre Server: an authenticated operator holding only limited site permissions can exploit a design flaw to make critical changes to local Morpho devices. In effect this is a privilege escalation that undermines the security boundaries the Command Centre Server is supposed to enforce. The affected versions span several release lines (9.30 prior to vEL9.30.2482, 9.20 prior to vEL9.20.2819, 9.10 prior to vEL9.10.3672, 9.00 prior to vEL9.00.3831, and all versions of 8.90 and prior), which indicates a long-standing issue in the software's access control mechanisms.
The technical flaw stems from inadequate validation and authorization controls in the Morpho integration module of Command Centre Server. When an authenticated user with limited permissions interacts with the integration, the server does not properly enforce the access restrictions that should prevent modification of critical device configurations. A low-privilege operator can therefore bypass the expected security boundaries and potentially gain control over physical security infrastructure components. The information exposure itself gives such an operator a way to discover device configurations, network topology details and operational parameters that should remain inside the authorized control sphere. Together these permit lateral movement and privilege escalation within the security architecture, granting unauthorized access to systems that should only be modifiable by administrators with the appropriate clearance.
The operational impact goes beyond information disclosure to the potential compromise of physical security systems and operational integrity. An operator exploiting this vulnerability could make unauthorized changes to access control devices, modify user permissions, alter system configurations, or potentially disable critical security functions. For organizations that rely on the Gallagher Morpho integration for physical security management this is a serious threat to their security posture: the flaw could be used to create backdoor access points, modify access logs, or manipulate security policies in ways that may go undetected for extended periods. Because Morpho devices typically control access to critical facilities, the potential for cascading security failures makes this vulnerability particularly dangerous from both an operational and a security perspective.
Mitigation for CVE-2025-47699 should start with immediate installation of the vendor-provided patches and updates for every affected version of Command Centre Server. Organizations must identify all instances of the vulnerable software through a comprehensive security assessment and make sure proper patch management procedures are in place. Network segmentation and access controls should be strengthened to limit the scope of any exploitation, and monitoring should be enhanced to detect anomalous behaviour that might indicate exploitation attempts. The principle of least privilege should be enforced more rigorously, so that operators with limited site permissions cannot perform actions that require elevated privileges. Security teams should also review and update their incident response procedures to cover scenarios involving unauthorized device modifications. This vulnerability aligns with ATT&CK technique T1078.004, which covers valid accounts with elevated privileges, and represents a critical gap in the security model that requires immediate remediation to prevent compromise of physical security infrastructure.
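Identifying every vulnerable instance starts with an accurate version inventory. The following is an added example, not part of the VulDB analysis and not a Gallagher tool, that classifies Command Centre Server version strings against the affected ranges stated above; the version-string format (an optional vEL prefix, then major.minor.build with a two-digit minor) and the sample inventory are assumptions constructed for the example.

```python
import re
from typing import Optional

# Fixed builds per release line, from the advisory; builds below these numbers
# in the same line are affected. 8.90 and every earlier line have no fix listed.
FIXED_BUILDS = {
    (9, 30): 2482,  # vEL9.30.2482 (MR2)
    (9, 20): 2819,  # vEL9.20.2819 (MR4)
    (9, 10): 3672,  # vEL9.10.3672 (MR7)
    (9, 0): 3831,   # vEL9.00.3831 (MR8)
}
LAST_UNFIXED_LINE = (8, 90)  # "all versions of 8.90 and prior"

# Assumed format: optional "vEL" prefix, then major.minor.build, two-digit minor.
_VERSION_RE = re.compile(r"^(?:vEL)?(\d+)\.(\d{2})\.(\d+)$")

def parse_version(s: str) -> tuple:
    """Parse 'vEL9.30.2482' or '9.30.2482' into (major, minor, build)."""
    m = _VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised Command Centre version string: {s!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(version: str) -> Optional[bool]:
    """True if affected by CVE-2025-47699, False if at or above the fixed build,
    None if the release line is not one the advisory covers (ask the vendor)."""
    major, minor, build = parse_version(version)
    line = (major, minor)
    if line <= LAST_UNFIXED_LINE:
        return True
    fixed = FIXED_BUILDS.get(line)
    if fixed is None:
        return None  # e.g. a 9.40 line, or an unlisted line such as 8.95
    return build < fixed

def triage(inventory: dict) -> dict:
    """Map hostname -> 'affected' / 'fixed' / 'not-covered' / 'unparseable'."""
    labels = {True: "affected", False: "fixed", None: "not-covered"}
    result = {}
    for host, ver in inventory.items():
        try:
            result[host] = labels[is_affected(ver)]
        except ValueError:
            result[host] = "unparseable"
    return result

SAMPLE_INVENTORY = {  # constructed sample data, not real hosts
    "cc-prod-01": "vEL9.30.2481", "cc-prod-02": "vEL9.30.2482", "cc-lab-01": "9.00.3831",
    "cc-legacy": "vEL8.90.1500", "cc-new": "vEL9.40.100", "cc-unknown": "9.3",
}
```

Hosts reported as "not-covered" run a release line the advisory does not list and should be checked against the vendor's own guidance rather than assumed safe.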