Home

Description

Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled. This issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in vEL9.00.3371 (MR7)), all versions of 8.90 and prior.

PUBLISHED Reserved 2025-06-17 | Published 2025-07-10 | Updated 2025-07-10 | Assigner Gallagher




MEDIUM: 4.3CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-772 Missing Release of Resource after Effective Lifetime

Product status

Default status
unaffected

Any version
affected

9.20 (custom) before vCR9.20.250213a
affected

9.10 (custom) before vCR9.10.250213a
affected

9.00 (custom) before vCR9.00.250619a
affected

References

security.gallagher.com/...Security-Advisories/CVE-2025-44003

cve.org (CVE-2025-44003)

nvd.nist.gov (CVE-2025-44003)

Download JSON