Management Console Vulnerability in Absolute Secure Access by Absolute
CVE-2025-27702

6.9MEDIUM

Key Information:

Vendor

Absolute Security

Status
Secure Access
Vendor
CVE Published:
28 May 2025

What is CVE-2025-27702?

A vulnerability in the management console of Absolute Secure Access allows attackers with administrative access and specific permissions to bypass restrictions and modify settings improperly. This vulnerability introduces a significant risk as it can lead to unauthorized alterations, compromising the integrity of the system. Notably, no user interaction is necessary, and the complexity of the attack is low, making it imperative for organizations using the affected product to address this issue swiftly.

Affected Version(s)

Secure Access 0 < 13.54

References

https://www.absolute.com/platform/vulnerability-archive/c...

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.