CVE-2026-40619

Vulnerability

A high security vulnerability affects Genetec Security Center main server installations. The issue stems from specific installation package builds, not solely the product version. Versions including 5.10.4.0, 5.11.3.0, 5.12.2.0, and 5.13.3.0 were released with both vulnerable and remediated installation packages under the same version number. Installations performed using vulnerable builds are affected, while remediated builds can be identified by verified installation package hashes. This vulnerability is present in Security Center versions 5.7 SR6 through 5.13, but only affects new server deployments, not upgraded instances [1].

Exploitation

Exploitation requires an attacker to have local operating system privileges on the main server. The attacker must access specific installation log files where the Server Admin password may have been captured during the installation process under certain conditions [1].

Impact

Successful exploitation allows an attacker with local OS privileges to access the Server Admin credentials used at installation time. This grants the attacker the same privileges as the Server Administrator, potentially leading to unauthorized access and control over the Security Center system [1].

Mitigation

Genetec recommends rotating the Server Admin password if it has not been changed since installation and executing the standalone utility tool SecurityUtility_CVE-2026-40619_SAM.exe on the main server to identify and remove sensitive installation logs. As a workaround, restrict access to the ProgramData\Genetec\Installation folder to administrator users. Specific remediations are available for versions 5.7 SR6 through 5.10.3, and likely for later versions as well, though the full list of fixed build hashes is detailed in the security advisory [1].