CVE-2026-40619: A high security vulnerability affecting Security Center main server installations has been identified
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation. This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number. Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- >=5.14.0.0
- Affected Products
- 1
HarborGuard Analysis
Synopsis
A local privilege escalation vulnerability affects Genetec Security Center main server installations across a wide range of versions from 5.7 SR6 through 5.13.3.0. An attacker who already has a low-privilege OS account on the host running the main server can exploit this flaw to access the Server Admin credentials without any network exposure or additional authentication. Successful exploitation gives the attacker full control over confidentiality, integrity, and availability of the Security Center server. Patched-image rebuilds at the fixed versions (>=5.14.0.0, >5.10.4.0, >5.11.3.0, >5.12.2.0, >5.13.3.0) are available on HarborGuard for affected environments.
HarborGuard Coverage
Detection of CVE-2026-40619 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against images in customer registries and CI/CD pipelines, including custom-built images that bundle Genetec Security Center components. Because version-based comparison alone is insufficient here, HarborGuard's detection pipeline is capable of flagging any image whose installed package version falls within an affected range and flagging it for manual hash verification where build-hash data is available in the image layer metadata.
AvailableHarborGuard is capable of scoring this CVE at CVSS 7.8 (HIGH) and weighting that score against each customer's per-environment compliance policy to determine urgency and routing. Triage results are routed to the appropriate team inbox within each customer organization based on policy-defined ownership rules for infrastructure or server-side components.
AvailableA patched-image rebuild targeting the fixed version thresholds (>=5.14.0.0, >5.10.4.0, >5.11.3.0, >5.12.2.0, >5.13.3.0) becomes available on HarborGuard for environments running an affected version. For customers who opt into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite, and opens a pull request against affected workloads automatically.
AvailableExploit Conditions
- Network reachabilityNot required
The attacker needs an existing shell or process on the host; no network access to the service is required.
- AuthenticationRequired
Any low-privilege OS account on the main server host is sufficient; no elevated or admin rights are needed to initiate the attack.
- Victim interactionNot required
Exploitation is fully attacker-driven and requires no action from any other user or administrator on the system.
- Attack complexityDetail
The exploit is reliable and condition-free; no race conditions, specific memory layouts, or environmental dependencies are required.
Blast Radius
- Reads Server Admin credentials stored or accessible on the main server, enabling further lateral movement within the Security Center deployment.
- Modifies Security Center server configuration, access control rules, or persisted security event data.
- Crashes or disrupts the Security Center main server service, taking physical security management functions offline.
- Enables pivot to connected subsystems (cameras, access control hardware, integrations) by leveraging the recovered admin credentials.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-40619 is matched against customer images within minutes of publication. Note that because certain affected versions (5.10.4.0, 5.11.3.0, 5.12.2.0, 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number, version comparison alone cannot confirm exposure. HarborGuard flags images in the affected version ranges and surfaces them for hash-based verification against Genetec's published remediated build hashes; customers should consult the Genetec security advisory for the authoritative hash list and confirm each flagged installation accordingly. Where compliance policy permits, a patched-image rebuild at a confirmed fixed version becomes available automatically, and customers with auto-remediation enabled receive a rebuild, a regression test run, and a pull request opened against affected workloads. Median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes for environments with auto-remediation enabled. As a compensating control in the interim, customers should restrict local OS account access on Security Center main server hosts to only those users who strictly require it, and audit existing local accounts for unnecessary privilege.
Fix available
- Genetec Inc. / Genetec Security Center>=5.7 SR6 <=5.10.4.0 · >=5.11.0.0 <=5.11.3.0 · >=5.12.0.0 <=5.12.2.0 · >=5.13.0.0 <=5.13.3.0Fixed in >5.10.4.0, >5.11.3.0, >5.12.2.0, >5.13.3.0, >=5.14.0.0
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H