CVE-2026-40619
Status: Received - Intake
Security Center Main Server Credential Exposure Vulnerability

Publication date: 2026-06-02

Last updated on: 2026-06-02

Assigner: Genetec Inc.

Description
A high-severity vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges on the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation. This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number. Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
Meta Information

Published: 2026-06-02

Last Modified: 2026-06-02

Generated: 2026-06-02

AI Q&A: 2026-06-02

EPSS Evaluated: N/A
Affected Vendors & Products

Vendor: genetec; Product: security_center; Version range: from 5.7_sr6 (inclusive) to 5.13 (inclusive)
CWE

CWE-532: The product writes sensitive information to a log file.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-40619 is a high-severity vulnerability affecting the main server installations of Genetec Security Center versions 5.7 SR6 through 5.13. It allows an attacker who already has local operating system privileges on the main server to access the Server Admin credentials. These credentials may be exposed because they can be captured in installation logs under certain conditions during the installation process.

The vulnerability only affects new server deployments and not upgrades from versions prior to 5.7 SR6 on the same main server. It is also limited to main server installations and does not affect expansion servers. The issue is related to specific installation package builds rather than just the product version number.

How can this vulnerability impact me?

If exploited, this vulnerability could allow an attacker with local OS access to obtain the Server Admin credentials, which are highly sensitive. This could lead to unauthorized administrative access to the Security Center main server, potentially compromising the entire security system.

Since the attacker needs local OS privileges, the risk depends on the ability of an attacker to gain such access first. Once obtained, the attacker could misuse the admin credentials to manipulate security settings, access sensitive data, or disrupt system operations.

Genetec recommends rotating the Server Admin password if it has not been changed since installation and using a provided utility tool to identify and remove installation logs containing sensitive data. Restricting access to installation log folders is also advised as a mitigation.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying whether the main server installation was performed using vulnerable installation package builds. Version numbers alone are insufficient because both vulnerable and remediated builds exist under the same version number.

Genetec provides a standalone utility tool named SecurityUtility_CVE-2026-40619_SAM.exe that can be used to identify and remove installation logs containing sensitive data related to this vulnerability.

Additionally, detection involves checking the installation logs located in the folder ProgramData\Genetec\Installation for sensitive Server Admin credentials.

While specific commands are not provided, restricting access to the installation folder and examining file hashes against the list of fixed build hashes can help determine exposure.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include rotating the Server Admin password if it has not been changed since installation to prevent unauthorized access.

Use the SecurityUtility_CVE-2026-40619_SAM.exe tool to identify and remove installation logs that may contain sensitive Server Admin credentials.

Restrict access permissions to the folder ProgramData\Genetec\Installation to administrator users only, or if a silent installer was used, restrict permissions on the custom installation location folder.

Refer to Genetec’s security advisory and KBA-79291 for patching instructions and to verify if your installation build is vulnerable or remediated.
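The detection and mitigation answers above describe checks without giving commands. The following PowerShell script is an added example written for this page; it is not Genetec's utility or any tool the advisory provides. It performs the two checks a defender can script from the text: hashing the installation package actually used and comparing it against the list of remediated-build hashes (placeholders here; take the real values from the security advisory and KBA-79291), and auditing the ACL on ProgramData\Genetec\Installation for access entries beyond administrators and SYSTEM. The installer path, the assumption that the published hashes are SHA-256, and the hash placeholders are all assumptions, not facts from the page.

```powershell
# Added example for CVE-2026-40619 exposure checks on a Security Center main server.
# Not Genetec's SecurityUtility_CVE-2026-40619_SAM.exe; it only audits, it does not
# remove logs. Assumptions (not from the advisory): installer path, SHA-256 as the
# hash algorithm, and the placeholder hash values below.

param(
    # Assumed location of the installer package that was used for this deployment.
    [string]$InstallerPath = 'C:\Temp\SecurityCenterSetup.exe',
    # Installation log folder named in the advisory (silent installs may use a custom path).
    [string]$LogFolder     = "$env:ProgramData\Genetec\Installation"
)

# Placeholder list: replace with the fixed-build hashes published by Genetec.
$RemediatedHashes = @(
    'REPLACE_WITH_FIXED_BUILD_HASH_1',
    'REPLACE_WITH_FIXED_BUILD_HASH_2'
)

# 1. Hash the installation package. The version string alone cannot distinguish a
#    vulnerable build from a remediated one shipped under the same number.
if (Test-Path -Path $InstallerPath) {
    $hash = (Get-FileHash -Path $InstallerPath -Algorithm SHA256).Hash
    # -contains compares strings case-insensitively, so hex case does not matter.
    if ($RemediatedHashes -contains $hash) {
        Write-Output "Installer hash $hash matches a remediated build."
    } else {
        Write-Warning "Installer hash $hash is not in the remediated list; treat this install as vulnerable."
    }
} else {
    Write-Warning "Installer package not found at $InstallerPath; cannot verify the build."
}

# 2. Audit the installation log folder ACL. Any Allow entry for a principal other
#    than local administrators, SYSTEM or the owner widens who can read the logs.
if (Test-Path -Path $LogFolder) {
    $acl     = Get-Acl -Path $LogFolder
    $allowed = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER')
    $extra   = $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($allowed -notcontains $_.IdentityReference.Value)
    }
    if ($extra) {
        Write-Warning "Access entries on $LogFolder beyond administrators/SYSTEM:"
        $extra | Select-Object IdentityReference, FileSystemRights, IsInherited | Format-Table -AutoSize
    } else {
        Write-Output "$LogFolder is restricted to administrators and SYSTEM."
    }

    # 3. Inventory the installation logs present, so they can be reviewed and removed
    #    with Genetec's SecurityUtility_CVE-2026-40619_SAM.exe.
    Get-ChildItem -Path $LogFolder -Recurse -File -ErrorAction SilentlyContinue |
        Select-Object FullName, Length, LastWriteTime | Format-Table -AutoSize
} else {
    Write-Output "$LogFolder does not exist on this host."
}
```

Run it from an elevated prompt on the main server, pointing `-InstallerPath` at the package that was actually used for the deployment; when the folder audit reports extra access entries, the advisory's mitigation of restricting the folder to administrators can be applied with `icacls "$env:ProgramData\Genetec\Installation" /inheritance:r /grant:r "BUILTIN\Administrators:(OI)(CI)F" "NT AUTHORITY\SYSTEM:(OI)(CI)F"` before rotating the Server Admin password and running Genetec's utility to remove the logs.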

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability allows an attacker with local OS privileges to access Server Admin credentials, which may be captured in installation logs under specific conditions. Such unauthorized access to sensitive credentials could potentially lead to data breaches or unauthorized system access.

While the provided information does not explicitly mention compliance with standards like GDPR or HIPAA, the exposure of administrative credentials and sensitive installation logs could impact compliance by increasing the risk of unauthorized access to personal or protected health information.

Mitigation steps such as rotating passwords, restricting folder permissions, and removing sensitive installation logs are recommended to reduce the risk and help maintain compliance with security requirements in these regulations.

