Unrated severityNVD Advisory· Published Mar 3, 2026· Updated Mar 3, 2026

CVE-2026-20801

Description

Cleartext Transmission of Sensitive Information (CWE-319) in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams.

This issue affects all versions of Gallagher NxWitness VMS integration prior to 9.10.017 and Gallagher Hanwha VMS integration prior to 9.10.025.

Affected products

Gallagher/Hanwha VMS integrationllm-create
Range: <9.10.025
Gallagher/NxWitness VMS integrationllm-create
Range: <9.10.017
Gallagher/NxWitness VMS and Hanwha VMS Integrationsv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-20801mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000