CVE-2025-1787

MEDIUM

4.2

Descripcion

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.

Detalles CVE

Puntuacion CVSS v3.14.2

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosHIGH

Interaccion usuarioNONE

Publicado2/24/2026

Ultima modificacion2/26/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

genetec:genetec_update_service

Debilidades (CWE)

CWE-346

Referencias

https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10(security@genetec.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.