Hm, interesting case... first of all, it depends what is meant by "end user details."
It's important to remember that the GDPR only regulates personally-identifiable information or what it terms "personal data", i.e. "any information relating to an identified or identifiable natural person," (Article 4.) That means info like a human being (within the EU)'s home address, or full name, or personal cellphone number, or passport photo, etc.
So if the integrator is simply sending to Avigilon the names and addresses of companies or other impersonal entities and how much equipment they've ordered, that information isn't even covered by GDPR in the first place. No GDPR issue.
However if the integrator is actually sending the names or addresses of individual persons to Avigilon... that's personal data. Therefore the integrator must, at minimum, disclose "the recipients or categories of recipients of the personal data" to the end user and, if that data is getting sent to a "third country" like the US, disclose that as well. (See Article 13, sections 1e and 1f.)
Because this kind of processing would most likely be construed as based on consent (see Article 6, Lawfulness of Processing) you would also likely also need clear consent from these end users that their data is being shared with Avigilon as well as yourself. This consent request must "be presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language" (Article 7.)
So if integrators are sending the personal data of people within the EU to Avigilon without disclosing it or asking for end users' consent, it could definitely be construed as GDPR violations of Article 6 (consent) and Article 13 (disclosing who you share personal data with / which country is getting that data.)