Skip to main content

Critical vulnerability in RabbitMQ affecting Genetec products

November 17, 2022

A critical vulnerability was discovered in the RabbitMQ message broker, a third-party component used by some Genetec products to communicate together.

As a consequence, some versions of Mission Control, Sipelia, Industrial IoT plugin, Airport Operational Manager (AOM) plugin, Restricted Security Area (RSA) Surveillance plugin, and Inter-System Gateway (IS Gateway) service are affected and must be patched as soon as possible in order to mitigate any risk of compromise.

Risk assessment

This vulnerability, identified as CVE-2022-37026, originates from a bug in Erlang OTP and may allow a malicious actor to bypass the authentication process and impersonate other users when the server is configured to use TLS or DTLS authentication.

This vulnerability has a base score of 9.8 (CVSS 3.1)

Affected products

Genetec products Version Update with
Sipelia 2.10 and earlier Sipelia 2.12GA
Mission Control All RabbitMQ
IoT Plugin All RabbitMQ
ISG Plugin All RabbitMQ
RSA Plugin All RabbitMQ
AOM Plugin All RabbitMQ


Please refer to KBA-79137 for more details.


To remediate this vulnerability for Sipelia, Genetec Inc. recommends that their customers update Sipelia to the latest version (Sipelia 2.12GA).

To address this vulnerability for the other impacted products, Genetec Inc. recommends that their customers update their systems with a newer version of RabbitMQ (RabbitMQ

The packages are available on the Genetec Technical Assistance Portal (GTAP).

If you would like more information or need assistance, please log in to the Genetec Technical Assistance Portal (GTAP) to open a ticket.