Description
A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.
Published: 2024-11-05
Score: 8.9 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

Vendor Solution

This issue is fixed in Security Center 5.8.2.1, 5.9.5.8, 5.10.4.23, 5.11.3.13, 5.12.1.3, 5.12.2.1 and all later versions.

Vendor Workaround

If the Security Center instance cannot be updated in a timely fashion, the system administrator should deactivate the Web-based SDK role.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-48056 A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.
History

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00313}

 epss

{'score': 0.00372}

Sat, 09 Nov 2024 23:00:00 +0000

Type Values Removed Values Added
Description A high-severity vulnerability that can lead to arbitrary code execution was found in the Genetec Security Center product line. A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.
Metrics cvssV3_0

{'score': 8, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H'}

cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H'}

Fri, 08 Nov 2024 22:45:00 +0000

Type Values Removed Values Added
References

Fri, 08 Nov 2024 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 05 Nov 2024 16:45:00 +0000

Type Values Removed Values Added
References

Tue, 05 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Genetec
Genetec security Center
CPEs cpe:2.3:a:genetec:security_center:*:*:*:*:*:*:*:*
Vendors & Products Genetec
Genetec security Center
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 05 Nov 2024 16:00:00 +0000

Type Values Removed Values Added
Description A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line. A high-severity vulnerability that can lead to arbitrary code execution was found in the Genetec Security Center product line.
References

Tue, 05 Nov 2024 14:00:00 +0000

Type Values Removed Values Added
Description A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetecâ„¢ Security Center product line. A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.

Tue, 05 Nov 2024 13:45:00 +0000

Type Values Removed Values Added
Description Unsafe Reflection issue found in Security Center. A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetecâ„¢ Security Center product line.

Tue, 05 Nov 2024 13:15:00 +0000

Type Values Removed Values Added
Description Unsafe Reflection issue found in Security Center.
Weaknesses CWE-470
References
Metrics cvssV4_0

{'score': 8.9, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}

Subscriptions

Genetec Security Center
cve-icon MITRE

Status: PUBLISHED

Assigner: Genetec

Published:

Updated: 2024-11-09T22:45:41.270Z

Reserved: 2024-07-23T20:53:20.464Z

Link: CVE-2024-7059

cve-icon Vulnrichment

Updated: 2024-11-05T15:11:24.675Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-05T13:15:03.963

Modified: 2024-11-09T23:15:13.563

Link: CVE-2024-7059

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses