SQL Injection Vulnerability in Genetec Security Center Access Manager
CVE-2026-27768

6.6MEDIUM

Key Information:

Vendor: Genetec Inc.
Status: Genetec Security Center
Vendor: CVE Published:; 25 May 2026

🔔 Create Genetec Inc. Vulnerability Alert

What is CVE-2026-27768?

An SQL Injection vulnerability has been identified in the Access Manager role of Genetec's Security Center. This weakness allows attackers to inject malicious SQL queries, potentially leading to unauthorized access to sensitive data or exploitation of the database. Proper security measures should be implemented to safeguard against this vulnerability, ensuring that input validation and prepared statements are utilized to protect the application.

Affected Version(s)

Genetec Security Center Windows <=5.9.5.11 <= 5.9.5.11

Genetec Security Center Windows <=5.10.4.31 <= 5.10.4.31

Genetec Security Center Windows <=5.11.3.28 <= 5.11.3.28

References

https://techdocs.genetec.com/r/en-US/Security-Updates-for...

https://techdocs.genetec.com/r/fr-FR/Mises-a-jour-de-secu...

https://techdocs.genetec.com/r/en-US/Security-Updates-for...

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 25, 2026
Vulnerability Reserved
Mar 3, 2026

CVE-2026-27768 Data

JSON