CVE-2025-1789 | THREATINT

Description

Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.

PUBLISHED Reserved 2025-02-28 | Published 2026-02-24 | Updated 2026-02-24 | Assigner Genetec

MEDIUM: 5.8CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:H/IR:H/AR:H/MVC:H/MVI:H/MVA:H/MSI:H/MSA:H/S:P/AU:N/V:C

Problem types

Incorrect Default Permissions

Product status

Default status

unaffected

<2.10.600 (semver)

affected

>=2.10.600 (semver)

unaffected

Credits

Rutger Flohil finder

References

techdocs.genetec.com/...ities-in-Genetec-Update-Service-2.10

cve.org (CVE-2025-1789)

nvd.nist.gov (CVE-2025-1789)

Download JSON