CVE-2025-1789
Published: 24 February 2026
Summary
CVE-2025-1789 is a medium-severity Incorrect Default Permissions (CWE-276) vulnerability in Genetec Genetec Update Service. Its CVSS base score is 5.8 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-1789 is a local privilege escalation vulnerability (CWE-276) in the Genetec Update Service on Windows systems. Published on 2026-02-24, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high impact potential from a local attack vector with low complexity and low privileges required.
An authenticated, low-privileged Windows user can exploit this vulnerability to gain elevated privileges on the affected system, potentially allowing full control over the host.
Genetec has addressed this issue in security updates for Genetec Update Service 2.10, with details on resolved vulnerabilities available in their advisory at https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208100
Vulnerability details
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local privilege escalation vulnerability (CWE-276) directly enables T1068 by allowing low-privileged authenticated users to exploit incorrect permissions in the update service for elevated access.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires timely remediation of identified flaws, directly addressing the privilege escalation vulnerability in Genetec Update Service via vendor security updates.
Enforces least privilege principle, minimizing privileges available to low-privileged users and limiting escalation potential on the affected Windows system.
Manages system accounts to restrict low-privileged local user accounts, reducing the authenticated users available to exploit the vulnerability.