Description
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.
Published: 2026-05-26
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A high-severity vulnerability exists in the deployment of Genetec RabbitMQ. The flaw allows an attacker to elevate privileges and gain higher-level access than intended. The weakness is classified as CWE-732 (Incorrect Permission Assignment for Critical Resource), meaning a security-critical resource is assigned permissions that let unintended actors read or modify it.

Affected Systems

The affected products are listed by Genetec, Inc.: Genetec Airport Operational Manager, Genetec Industrial IoT, Genetec Inter‑System Gateway, Genetec Mission Control, Genetec RabbitMQ, Genetec Restricted Security Area, and Genetec Sipelia. These products employ RabbitMQ deployments that are vulnerable to privilege escalation.

Risk and Exploitability

The CVSS base score of 7.8 rates the issue as high severity. No EPSS score is available, so no exploitation-probability estimate has been published yet. It is not listed in CISA's KEV catalog. The likely attack vector is through access to the RabbitMQ deployment, potentially via the network or the management interface, but this is inferred from the nature of the flaw and the lack of detailed exploitation information. The CVSS vector recorded for this CVE (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) specifies a local attack vector with low privileges required and no user interaction.

Generated by OpenCVE AI on May 26, 2026 at 16:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patch or update to the Genetec RabbitMQ deployment as released by the vendor.
  • Restrict network access to RabbitMQ management interfaces and ensure only trusted hosts can reach the service.
  • Review and tighten role‑based access controls to ensure that administrative privileges are only granted to necessary personnel.

Advisories

No advisories yet.

History

Tue, 26 May 2026 17:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 26 May 2026 16:45:00 +0000

Type | Values Removed | Values Added
Title | | Privilege Escalation via Misconfigured RabbitMQ Deployment in Genetec Products

Tue, 26 May 2026 15:45:00 +0000

Type | Values Removed | Values Added
Description | | A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.
Weaknesses | | CWE-732
References | |
Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Genetec

Published:

Updated: 2026-05-26T15:50:38.937Z

Reserved: 2026-03-04T16:30:34.092Z

Link: CVE-2026-25112

Vulnrichment

Updated: 2026-05-26T15:50:35.613Z

NVD

Status: Received

Published: 2026-05-26T16:16:22.977

Modified: 2026-05-26T16:16:22.977

Link: CVE-2026-25112

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T16:30:10Z

Weaknesses