CVE-2026-25193
HighSummary
Some Command Centre Service installers have an issue with the insertion of sensitive information into log files, which could lead to the exposure of Service Account credentials.
Risk Assessment
Organizations using a custom Service Account may be at risk of credential exposure, potentially leading to unauthorized access.
Recommendation
It is recommended to change the Service Account password and delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.
Original NVD description (English source)
Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted. Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.

