A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams.

Project Subscriptions

Vendors Products
Genetec Subscribe
Security Center Subscribe
Advisories

No advisories yet.

Fixes

Solution

This issue is fixed in Security Center 5.14.0.0 in build number 5.14.178.18 and all later versions.


Workaround

No workaround given by the vendor.

History

Tue, 07 Jul 2026 05:45:00 +0000

Type Values Removed Values Added
Title Unauthenticated Access to Live Video Streams in Genetec Security Center

Tue, 07 Jul 2026 01:30:00 +0000

Type Values Removed Values Added
First Time appeared Genetec
Genetec security Center
Vendors & Products Genetec
Genetec security Center

Mon, 06 Jul 2026 21:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 06 Jul 2026 20:30:00 +0000

Type Values Removed Values Added
Description A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams.
Weaknesses CWE-287
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Genetec

Published:

Updated: 2026-07-06T20:52:18.246Z

Reserved: 2026-06-21T17:17:02.798Z

Link: CVE-2026-55727

cve-icon Vulnrichment

Updated: 2026-07-06T20:52:14.429Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-07T05:30:04Z

Weaknesses