Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-1787
PUBLISHED
More InfoOfficial Page
Assigner-Genetec
Assigner Org ID-f2b06212-cb4b-41a4-9501-fa2e367495b8
View Known Exploited Vulnerability (KEV) details
Published At-24 Feb, 2026 | 18:44
Updated At-24 Feb, 2026 | 21:17
Rejected At-
▼CVE Numbering Authority (CNA)

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.

Affected Products
Vendor
Genetec Inc.
Product
Genetec Update Service
Platforms
  • Windows
Default Status
unaffected
Versions
Affected
  • <2.10.600 (semver)
Unaffected
  • >=2.10.600 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-346CWE-346: Origin Validation Error
Type: CWE
CWE ID: CWE-346
Description: CWE-346: Origin Validation Error
Metrics
VersionBase scoreBase severityVector
4.05.8MEDIUM
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:H/IR:H/AR:H/MVC:H/MVI:H/MVA:H/MSI:H/MSA:H/S:P/AU:N/V:C
Version: 4.0
Base score: 5.8
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:H/IR:H/AR:H/MVC:H/MVI:H/MVA:H/MSI:H/MSA:H/S:P/AU:N/V:C
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-200CAPEC-200: Removal of filters: Input filters, output filters, data masking
CAPEC ID: CAPEC-200
Description: CAPEC-200: Removal of filters: Input filters, output filters, data masking
Solutions

This issue is fixed in Genetec Update Service 2.10.600 and all later versions. Internet connected Genetec Update Service will automatically update themselves.

Configurations
Workarounds
Exploits
Credits
finder
Rutger Flohil
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10
N/A
Hyperlink: https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found