← back
CVE-2025-1787

CVE-2025-1787

CVSS 5.8 MEDIUMEPSS 0.1%CWE-346
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.8EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:H/IR:H/AR:H/MVC:H/MVI:H/MVA:H/MSI:H/MSA:H/S:P/AU:N/V:C
Affected products
Genetec Inc. · Genetec Update Service

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10