CVE-2025-1789

Summary

Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.

Affected Software

VendorProductVersion RangeStatus
Genetec Inc.Genetec Update Service<2.10.600affected
Genetec Inc.Genetec Update Service>=2.10.600unaffected

Weaknesses

  • CWE-276: Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References