CVE-2026-25112

HIGH

Genetec RabbitMQ - Incorrect Permission Assignment for Critical Resource

Title source: rule
STIX 2.1

Description

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.

References (3)

Core 3

Scores

CVSS v3 7.8
EPSS 0.0011
EPSS Percentile 1.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-732
Status published
Products (16)
Genetec Inc./Genetec Airport Operational Manager <1.6
Genetec Inc./Genetec Airport Operational Manager >=1.6
Genetec Inc./Genetec Industrial IoT <5.5.118.0
Genetec Inc./Genetec Industrial IoT <6.0.196.0
Genetec Inc./Genetec Industrial IoT >=5.5.118.0
Genetec Inc./Genetec Industrial IoT >=6.0.196.0
Genetec Inc./Genetec Inter-System Gateway <1.2
Genetec Inc./Genetec Inter-System Gateway >=1.2
Genetec Inc./Genetec Mission Control <3.4.1.0
Genetec Inc./Genetec Mission Control >=3.4.1.0
... and 6 more
Published May 26, 2026
Tracked Since May 26, 2026