Local OS Privilege Vulnerability in Security Center by Genetec
CVE-2026-40619

7.8HIGH

Key Information:

Vendor: Genetec Inc.
Status: Genetec Security Center
Vendor: CVE Published:; 2 June 2026

🔔 Create Genetec Inc. Vulnerability Alert

What is CVE-2026-40619?

A significant security vulnerability has been discovered in the main server installations of Genetec's Security Center, which could grant an attacker with local operating system privileges unauthorized access to critical Server Admin credentials. Investigations by a third-party entity highlighted that this issue is tied to specific installation package builds rather than the product version itself. Notably, certain releases, such as 5.10.4.0, 5.11.3.0, 5.12.2.0, and 5.13.3.0, may contain both insecure and patched installation packages under the same version label. Therefore, relying solely on version comparisons is not adequate for assessing vulnerability exposure. Affected installations can be clarified through verified installation package hashes; detailed remediation information is available in the security advisory section.

Affected Version(s)

Genetec Security Center Windows >=5.7 SR6 <=5.10.4.0 <= 5.7 SR6 5.10.4.0

Genetec Security Center Windows >=5.11.0.0 <=5.11.3.0 <= 5.11.0.0 5.11.3.0

Genetec Security Center Windows >=5.12.0.0 <=5.12.2.0 <= 5.12.0.0 5.12.2.0

References

https://resources.genetec.com/security-advisories/vulnera...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Apr 27, 2026

CVE-2026-40619 Data

JSON