CVE-2026-55727 PUBLISHED

Assigner: Genetec
Reserved: 21.06.2026 Published: 06.07.2026 Updated: 06.07.2026

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS Score: 7.5

Product Status

Vendor Genetec Inc.
Product Genetec Security Center
Versions Default: unaffected
  • affected from 5.14.0.0 build 5.14.178.8 to 5.14.0.0 build 5.14.178.18 (excl.)
  • Version 5.14.0.0 build 5.14.178.18 is unaffected

Solutions

This issue is fixed in Security Center 5.14.0.0 in build number 5.14.178.18 and all later versions.

References

Problem Types

  • CWE-287: Improper Authentication CWE

Impacts

  • CAPEC-115: Authentication Bypass