Description
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.
Published: 2026-05-26
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A high‑severity vulnerability exists in the deployment of Genetec RabbitMQ. The flaw allows an attacker to elevate privileges and gain higher‑level access than intended. The weakness is classified as CWE‑732 (Incorrect Permission Assignment for Critical Resource).

Affected Systems

The affected products are listed by Genetec, Inc.: Genetec Airport Operational Manager, Genetec Industrial IoT, Genetec Inter‑System Gateway, Genetec Mission Control, Genetec RabbitMQ, Genetec Restricted Security Area, and Genetec Sipelia. These products employ RabbitMQ deployments that are vulnerable to privilege escalation.

Risk and Exploitability

The CVSS base score of 7.8 places the flaw in the high-severity range. The EPSS score is not available, meaning no current exploit-prediction data is reported. It is not listed in CISA’s KEV catalog. The likely attack vector is access to the RabbitMQ deployment, potentially over the network or through the management interface; this is an inference from the nature of the flaw, as no detailed exploitation information is available.

Generated by OpenCVE AI on May 26, 2026 at 16:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patch or update to the Genetec RabbitMQ deployment as released by the vendor.
  • Restrict network access to RabbitMQ management interfaces and ensure only trusted hosts can reach the service.
  • Review and tighten role‑based access controls to ensure that administrative privileges are only granted to necessary personnel.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 08:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| References | | |

Wed, 27 May 2026 10:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Genetec; Genetec genetec Airport Operational Manager; Genetec genetec Industrial Iot; Genetec genetec Inter-system Gateway; Genetec genetec Mission Control; Genetec genetec Rabbitmq; Genetec genetec Restricted Security Area; Genetec genetec Sipelia |
| Vendors & Products | | Genetec; Genetec genetec Airport Operational Manager; Genetec genetec Industrial Iot; Genetec genetec Inter-system Gateway; Genetec genetec Mission Control; Genetec genetec Rabbitmq; Genetec genetec Restricted Security Area; Genetec genetec Sipelia |

Tue, 26 May 2026 17:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Tue, 26 May 2026 16:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Title | | Privilege Escalation via Misconfigured RabbitMQ Deployment in Genetec Products |

Tue, 26 May 2026 15:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack. |
| Weaknesses | | CWE-732 |
| References | | |
| Metrics | | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'} |


MITRE

Status: PUBLISHED

Assigner: Genetec

Published:

Updated: 2026-06-09T07:13:23.052Z

Reserved: 2026-03-04T16:30:34.092Z

Link: CVE-2026-25112

Vulnrichment

Updated: 2026-06-09T07:13:23.052Z

NVD

Status: Awaiting Analysis

Published: 2026-05-26T16:16:22.977

Modified: 2026-06-09T08:16:27.317

Link: CVE-2026-25112

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T10:04:58Z

Weaknesses
  • CWE-732

    Incorrect Permission Assignment for Critical Resource