CVE-2025-64734 LOW

CVE-2025-64734

Vendor Gallagher
Product T21 Reader
Weakness CWE-772
Published November 18, 2025
Last update November 19, 2025

CVSS base score

2.4/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)),  all versions of 9.00 and prior.

Key dates

02Disclosure timeline

November 18, 2025 CVE published
November 19, 2025 Record updated