Cyber Resilience

CVE-2025-1789

Medium

Published: 24 February 2026

Published
24 February 2026
Modified
26 April 2026
KEV Added
Patch
CVSS Score v4 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:X/V:C/RE:X/U:X
EPSS Score 0.0002 4.2th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-1789 is a medium-severity Incorrect Default Permissions (CWE-276) vulnerability in Genetec Genetec Update Service. Its CVSS base score is 5.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-1789 is a local privilege escalation vulnerability (CWE-276) in the Genetec Update Service on Windows systems. Published on 2026-02-24, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high impact potential from a local attack vector with low complexity and low privileges required.

An authenticated, low-privileged Windows user can exploit this vulnerability to gain elevated privileges on the affected system, potentially allowing full control over the host.

Genetec has addressed this issue in security updates for Genetec Update Service 2.10, with details on resolved vulnerabilities available in their advisory at https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10.

EU & UK References

Vulnerability details

Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation vulnerability (CWE-276) directly enables T1068 by allowing low-privileged authenticated users to exploit incorrect permissions in the update service for elevated access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21532Shared CWE-276
CVE-2025-24176Shared CWE-276
CVE-2024-43769Shared CWE-276
CVE-2025-0543Shared CWE-276
CVE-2025-7024Shared CWE-276
CVE-2025-24267Shared CWE-276
CVE-2026-25203Shared CWE-276
CVE-2024-49737Shared CWE-276
CVE-2024-34730Shared CWE-276
CVE-2025-24107Shared CWE-276

Affected Assets

genetec
genetec update service
≤ 2.10.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of identified flaws, directly addressing the privilege escalation vulnerability in Genetec Update Service via vendor security updates.

prevent

Enforces least privilege principle, minimizing privileges available to low-privileged users and limiting escalation potential on the affected Windows system.

prevent

Manages system accounts to restrict low-privileged local user accounts, reducing the authenticated users available to exploit the vulnerability.

References