[Vulnerability Alert] Galaxy Software Services | Vitals ESP - Incorrect Authorization

Date Posted: 2026/03/26

Subject Explanation: [Vulnerability Alert] Galaxy Software Services | Vitals ESP - Incorrect Authorization

Content Description:
- Forwarding Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert TWCERTCC-200-202603-00000020
- [Galaxy Software Services | Vitals ESP - Incorrect Authorization] (CVE-2026-4639, CVSS: 8.8) An authenticated remote attacker can execute certain administrative functions, thereby escalating privileges.
Impacted Platforms:
- Vitals ESP versions 6.3 and earlier
Suggested Measures:
- Contact the vendor for a patch
References:
1. https://www.twcert.org.tw/tw/cp-132-10794-704a2-1.html

Computer and Communication Center
Network Systems Division