exploitDog

CVE-2025-1787

Опубликовано: 24 фев. 2026

Источник: nvd

CVSS3: 4.2

EPSS Низкий

Описание

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.

Ссылки

https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:genetec:genetec_update_service:*:*:*:*:*:*:*:*

Версия до 2.10.6 (исключая)

EPSS

Процентиль: 1%

0.00088

Низкий

4.2 Medium

CVSS3

Дефекты

CWE-346

Связанные уязвимости

GHSA-fpg9-3qpq-vpm5

CVSS3: 4.2

github

4 месяца назад

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege escalation.

EPSS

Процентиль: 1%

0.00088

Низкий

4.2 Medium

CVSS3

Дефекты

CWE-346