CVE-2026-25112 Genetec Inc. CVE debrief

Who should care

Organizations running Genetec security products with integrated RabbitMQ messaging components, particularly those with multi-user endpoint environments where non-administrative users have local system access. System administrators responsible for Genetec deployment hardening and privilege management should prioritize review.

Technical summary

The vulnerability exists in how RabbitMQ is deployed within Genetec products, where incorrect permission assignments (CWE-732) allow a low-privileged local attacker to escalate privileges. The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H indicates local attack vector, low complexity, low privileges required, no user interaction, and high impacts across confidentiality, integrity, and availability. This suggests the RabbitMQ service or associated files may be installed with overly permissive access controls that do not properly restrict write or execute permissions from non-privileged users.

Defensive priority

HIGH

Recommended defensive actions

• Review Genetec security advisories for affected product versions and deployment configurations
• Audit local file system permissions on RabbitMQ installation directories in Genetec environments
• Apply vendor-provided patches or configuration guidance when available
• Restrict local access to systems running Genetec RabbitMQ deployments
• Monitor for anomalous privilege escalation attempts on affected endpoints

Evidence notes

CVSS vector confirmed as CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Weakness classified as CWE-732 (Incorrect Permission Assignment for Critical Resource) per vendor submission. Vendor attribution based on [email protected] source references and domain evidence.

Official resources