CVE-2025-1787
Received Received - Intake
Information Disclosure in Genetec Update Service Configuration Page

Publication date: 2026-02-24

Last updated on: 2026-04-26

Assigner: Genetec Inc.

Description
Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-04-26
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2025-1787
EUVD
EUVD-2025-208101
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
genetec genetec_update_service to 2.10.6 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-346 The product does not properly verify that the source of data or communication is valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability allows a local administrator on a Windows system to leak information from the Genetec Update Service configuration web page. An authenticated user with admin privileges can exploit this issue to gain elevated privileges within the Genetec Update Service. Additionally, this vulnerability can be combined with CVE-2025-1789 to achieve low privilege escalation.

Impact Analysis

The impact of this vulnerability is that an authenticated Windows user with admin privileges could gain elevated privileges in the Genetec Update Service. This could potentially allow the attacker to perform unauthorized actions or access sensitive information within the service. When combined with another vulnerability (CVE-2025-1789), it could lead to low privilege escalation, increasing the risk of further exploitation.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-1787. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart