Medium severity4.2NVD Advisory· Published Feb 24, 2026· Updated Apr 26, 2026

CVE-2025-1787

Description

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.

Affected products

Genetec/Genetec Update Service
cpe:2.3:a:genetec:genetec_update_service:*:*:*:*:*:*:*:*
Range: <2.10.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10nvdRelease NotesVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.273
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000