Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

#f2b06212-cb4b-41a4-9501-fa2e367495b8

Security Advisories

Reported CVEsVendorsProductsReports
7Vulnerabilities found
CVE-2025-1789
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-5.8||MEDIUM
EPSS-Not Assigned
Published-24 Feb, 2026 | 18:47
Updated-24 Feb, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.

Action-Not Available
Vendor-Genetec Inc.
Product-Genetec Update Service
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-1787
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-5.8||MEDIUM
EPSS-Not Assigned
Published-24 Feb, 2026 | 18:44
Updated-24 Feb, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.

Action-Not Available
Vendor-Genetec Inc.
Product-Genetec Update Service
CWE ID-CWE-346
Origin Validation Error
CVE-2025-1790
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.02% / 3.30%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 16:45
Updated-13 Feb, 2026 | 21:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows user could exploit this vulnerability to gain elevated privileges on the affected system.

Action-Not Available
Vendor-Genetec Inc.
Product-Genetec Sipelia
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2025-43027
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 19.38%
||
7 Day CHG~0.00%
Published-30 Oct, 2025 | 14:12
Updated-04 Nov, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A critical severity vulnerability has been identified in the ALPR Manager role of Security Center that could allow attackers to gain administrative access to the Genetec Security Center system. The Genetec engineering team discovered this issue internally. There is currently no evidence that this vulnerability has been exploited in the wild.

Action-Not Available
Vendor-Genetec Inc.
Product-Genetec Security Center
CWE ID-CWE-284
Improper Access Control
CVE-2025-2928
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-7.2||HIGH
EPSS-0.03% / 10.43%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 17:44
Updated-05 Aug, 2025 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL Injection affecting the Archiver role.

Action-Not Available
Vendor-Genetec Inc.
Product-Genetec Security Center
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-7059
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-8.9||HIGH
EPSS-0.26% / 49.30%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 13:13
Updated-09 Nov, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.

Action-Not Available
Vendor-Genetec Inc.genetec
Product-Genetec Security Centersecurity_center
CWE ID-CWE-470
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
CVE-2023-1522
Assigner-Genetec Inc.
ShareView Details
Assigner-Genetec Inc.
CVSS Score-8.8||HIGH
EPSS-0.36% / 57.55%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 18:51
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL Injection in the Hardware Inventory report of Security Center 5.11.2.

Action-Not Available
Vendor-genetecGenetec Inc.
Product-security_centerGenetec Security Center
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')