CVE-2026-40619
Awaiting Analysis Awaiting Analysis - Queue
Security Center Main Server Credential Exposure Vulnerability

Publication date: 2026-06-02

Last updated on: 2026-06-02

Assigner: Genetec Inc.

Description
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation. This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number. Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-02
Last Modified
2026-06-02
Generated
2026-06-22
AI Q&A
2026-06-02
EPSS Evaluated
2026-06-21
NVD
CVE-2026-40619
EUVD
EUVD-2026-33946
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
genetec security_center From 5.7_sr6 (inc) to 5.13 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-532 The product writes sensitive information to a log file.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-40619 is a high-severity vulnerability affecting the main server installations of Genetec Security Center versions 5.7 SR6 through 5.13. It allows an attacker who already has local operating system privileges on the main server to access the Server Admin credentials. These credentials may be exposed because they can be captured in installation logs under certain conditions during the installation process.

The vulnerability only affects new server deployments and not upgrades from versions prior to 5.7 SR6 on the same main server. It is also limited to main server installations and does not affect expansion servers. The issue is related to specific installation package builds rather than just the product version number.

Compliance Impact

This vulnerability allows an attacker with local OS privileges to access Server Admin credentials, which may be captured in installation logs under specific conditions. Such unauthorized access to sensitive credentials could potentially lead to data breaches or unauthorized system access.

While the provided information does not explicitly mention compliance with standards like GDPR or HIPAA, the exposure of administrative credentials and sensitive installation logs could impact compliance by increasing the risk of unauthorized access to personal or protected health information.

Mitigation steps such as rotating passwords, restricting folder permissions, and removing sensitive installation logs are recommended to reduce the risk and help maintain compliance with security requirements in these regulations.

Impact Analysis

If exploited, this vulnerability could allow an attacker with local OS access to obtain the Server Admin credentials, which are highly sensitive. This could lead to unauthorized administrative access to the Security Center main server, potentially compromising the entire security system.

Since the attacker needs local OS privileges, the risk depends on the ability of an attacker to gain such access first. Once obtained, the attacker could misuse the admin credentials to manipulate security settings, access sensitive data, or disrupt system operations.

Genetec recommends rotating the Server Admin password if it has not been changed since installation and using a provided utility tool to identify and remove installation logs containing sensitive data. Restricting access to installation log folders is also advised as a mitigation.

Detection Guidance

This vulnerability can be detected by identifying whether the main server installation was performed using vulnerable installation package builds. Version numbers alone are insufficient because both vulnerable and remediated builds exist under the same version number.

Genetec provides a standalone utility tool named SecurityUtility_CVE-2026-40619_SAM.exe that can be used to identify and remove installation logs containing sensitive data related to this vulnerability.

Additionally, detection involves checking the installation logs located in the folder ProgramData\Genetec\Installation for sensitive Server Admin credentials.

While specific commands are not provided, restricting access to the installation folder and examining file hashes against the list of fixed build hashes can help determine exposure.

Mitigation Strategies

Immediate mitigation steps include rotating the Server Admin password if it has not been changed since installation to prevent unauthorized access.

Use the SecurityUtility_CVE-2026-40619_SAM.exe tool to identify and remove installation logs that may contain sensitive Server Admin credentials.

Restrict access permissions to the folder ProgramData\Genetec\Installation to administrator users only, or if a silent installer was used, restrict permissions on the custom installation location folder.

Refer to Genetec’s security advisory and KBA-79291 for patching instructions and to verify if your installation build is vulnerable or remediated.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40619. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart