CVE-2026-40619
published 2026-06-02CVE-2026-40619: A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to…
PriorityP345high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.11%
1.8th percentile
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation.
This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number.
Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| genetec_inc | genetec_security_center | — | — |
| genetec_inc | genetec_security_center | — | — |
| genetec_inc | genetec_security_center | — | — |
| genetec_inc | genetec_security_center | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Genetec Security Center log file
vuldb·2026-06-02·CVSS 7.8
CVE-2026-40619 [HIGH] Genetec Security Center log file
A vulnerability classified as problematic has been found in Genetec Security Center. This impacts an unknown function. The manipulation leads to sensitive information in log files.
This vulnerability is listed as CVE-2026-40619. The attack must be carried out locally. There is no available exploit.
It is recommended to upgrade the affected component.
GHSA
A high security vulnerability affecting Security Center main server installations has been identified.
ghsa_unreviewed·2026-06-02
CVE-2026-40619 [HIGH] CWE-532 A high security vulnerability affecting Security Center main server installations has been identified.
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation.
This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number.
Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distin
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-02
Published