CVE-2025-2928: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Genetec Inc. Genetec Security Center

Severity: High
Published: Tue Jul 29 2025 (07/29/2025, 17:44:23 UTC)
Source: CVE Database V5
Vendor/Project: Genetec Inc.
Product: Genetec Security Center

Description

SQL Injection affecting the Archiver role.

AI-Powered Analysis

Last updated: 08/06/2025, 00:43:53 UTC

Technical Analysis

CVE-2025-2928 is a high-severity SQL injection vulnerability in Genetec Inc.'s Security Center software, specifically affecting the Archiver role. The vulnerability arises from improper neutralization of special elements used in SQL commands, allowing an attacker who already holds high privileges (the Archiver role) to inject SQL code. The flaw exists in multiple versions of the product, ranging from 5.9.0.0 up to but not including certain patched versions (e.g., <5.9.5.9, <5.10.4.28, <5.11.3.19, <5.12.2.6, <5.13.1.1). The CVSS 3.1 score is 7.2 (high): network attack vector, low attack complexity, privileges required, no user interaction, and impact on confidentiality, integrity, and availability. Exploitation could allow an attacker to execute arbitrary SQL commands on the backend database, potentially leading to unauthorized data access, data manipulation, or disruption of services managed by Security Center. Because the Archiver role typically manages video and event data storage, exploitation could compromise sensitive surveillance data or disrupt security operations. No exploits in the wild are currently reported, but the vulnerability is publicly disclosed; patched versions are implied by the affected ranges, though no direct patch links are provided.

Potential Impact

For European organizations, this vulnerability poses a significant risk, especially to entities relying on Genetec Security Center for physical security management, such as critical infrastructure, transportation hubs, government facilities, and large enterprises. Successful exploitation could lead to unauthorized access to sensitive surveillance footage and security event logs, undermining physical security monitoring and incident response. Data integrity could be compromised by altering logs or video archives, potentially masking malicious activity or causing false alarms. Availability impacts could disrupt security operations, leaving gaps in surveillance coverage. Given the sensitivity of security data and regulatory requirements around data protection (e.g., GDPR), such a breach could have legal and reputational consequences. The requirement for high privileges limits the attack surface, but insider threats or compromised credentials could facilitate exploitation.

Mitigation Recommendations

Organizations should promptly identify whether they are running affected versions of Genetec Security Center and upgrade to patched versions at or beyond 5.9.5.9, 5.10.4.28, 5.11.3.19, 5.12.2.6, or 5.13.1.1, as applicable to the branch in use. In the absence of direct patch links, contacting Genetec support for official patches and guidance is critical. Additionally, implement strict access controls and monitoring around accounts holding Archiver role privileges to detect and prevent misuse. Employ network segmentation to isolate security management systems from general IT networks, reducing exposure. Regularly audit logs for suspicious SQL queries or anomalous activity. Consider deploying Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection patterns targeting the Security Center interfaces. Finally, enforce strong credential policies and multi-factor authentication for privileged accounts to mitigate the risk from compromised credentials.
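A version-triage helper for the first step above, added here as an illustration and not code from the advisory or from Genetec. It assumes that each fixed build listed in the advisory applies to its own 5.x branch, so a build at or above 5.9.0.0 but below the fix for its major.minor branch is treated as affected; branches the advisory does not name are reported as unknown rather than guessed.

```python
from typing import Optional, Tuple

Version = Tuple[int, ...]

# Fixed builds named in the advisory, keyed by major.minor branch.
# Assumption: each fix applies only to its own branch.
FIXED_VERSIONS = {
    (5, 9): (5, 9, 5, 9),
    (5, 10): (5, 10, 4, 28),
    (5, 11): (5, 11, 3, 19),
    (5, 12): (5, 12, 2, 6),
    (5, 13): (5, 13, 1, 1),
}
EARLIEST_AFFECTED: Version = (5, 9, 0, 0)  # lower bound stated in the advisory


def parse_version(text: str) -> Version:
    """Parse a dotted build string such as '5.10.4.27' into a comparable tuple."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))  # pad so '5.10' compares like 5.10.0.0


def is_affected(text: str) -> Optional[bool]:
    """True if inside an affected range, False if fixed or below the lower
    bound, None if the branch is not covered by the advisory."""
    v = parse_version(text)
    if v < EARLIEST_AFFECTED:
        return False  # older than the first affected build listed
    fixed = FIXED_VERSIONS.get(v[:2])
    if fixed is None:
        return None  # branch not mentioned; confirm with the vendor
    return v < fixed


def triage(builds):
    """Bucket inventoried build strings for patch planning."""
    report = {"affected": [], "fixed": [], "unknown": []}
    for b in builds:
        state = is_affected(b)
        key = "unknown" if state is None else ("affected" if state else "fixed")
        report[key].append(b)
    return report


if __name__ == "__main__":
    # Constructed sample inventory, not real deployment data.
    print(triage(["5.9.5.8", "5.10.4.28", "5.11.3.18", "5.8.2.0", "5.14.0.0"]))
```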

Technical Details

Data Version: 5.1
Assigner Short Name: Genetec
Date Reserved: 2025-03-28T13:26:05.258Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68890941ad5a09ad008f4e09

Added to database: 7/29/2025, 5:47:45 PM

Last enriched: 8/6/2025, 12:43:53 AM

Last updated: 9/10/2025, 1:42:40 AM
