CVE-2025-43027

CRITICAL

Genetec Security Center - Privilege Escalation

Title source: llm

Description

A critical severity vulnerability has been identified in the ALPR Manager role of Security Center that could allow attackers to gain administrative access to the Genetec Security Center system. The Genetec engineering team discovered this issue internally. There is currently no evidence that this vulnerability has been exploited in the wild.

References (2)

Core 2

Core References

Various Sources

https://resources.genetec.com/security-advisories/critical-security-vulnerability-affecting-the-alpr-manager-role-of-security-center

Various Sources

https://ressources.genetec.com/avis-de-securite/faille-de-securite-critique-affectant-le-role-gestionnaire-rapi-de-security-center

Scores

CVSS v3 9.8

EPSS 0.0030

EPSS Percentile 21.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-284

Status published

Products (10)

Genetec Inc./Genetec Security Center <5.9.5.10

Genetec Inc./Genetec Security Center >=5.10.0.0 <5.10.4.29

Genetec Inc./Genetec Security Center >=5.10.4.29

Genetec Inc./Genetec Security Center >=5.11.0.0 <5.11.3.25

Genetec Inc./Genetec Security Center >=5.11.3.25

Genetec Inc./Genetec Security Center >=5.12.0.0 <5.12.2.12

Genetec Inc./Genetec Security Center >=5.12.2.12

Genetec Inc./Genetec Security Center >=5.13.0.0 <5.13.2.3

Genetec Inc./Genetec Security Center >=5.13.2.3

Genetec Inc./Genetec Security Center >=5.9.5.10

Published Oct 30, 2025

Tracked Since Feb 18, 2026