[Vulnerability Alert] Galaxy Software Services | Vitals ESP - Incorrect Authorization

• Subject Explanation: [Vulnerability Alert] Galaxy Software Services | Vitals ESP - Incorrect Authorization

• Content Description:
  • Forwarding Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert TWCERTCC-200-202603-00000020
  • [Galaxy Software Services | Vitals ESP - Incorrect Authorization] (CVE-2026-4639, CVSS: 8.8) An authenticated remote attacker can execute certain administrative functions, thereby escalating privileges.
• Impacted Platforms:
  • Vitals ESP versions 6.3 and earlier
• Suggested Measures:
  • Contact the vendor for a patch
• References:
  1. https://www.twcert.org.tw/tw/cp-132-10794-704a2-1.html

Computer and Communication Center
Network Systems Division