Privilege Escalation Vulnerability in Absolute Secure Access Management Console
CVE-2025-27703

7HIGH

Key Information:

Vendor: Absolute Security
Status: Secure Access
Vendor: CVE Published:; 28 May 2025

🔔 Create Absolute Security Vulnerability Alert

What is CVE-2025-27703?

This vulnerability enables attackers with administrative access to certain privileged features in the Absolute Secure Access management console to elevate their permissions, allowing them to access additional functionalities within the same console. The attack can be executed with low complexity, does not require any pre-existing conditions, and necessitates high privileges. Although the confidentiality impact on the system is minimal, the potential to compromise system integrity is significant, while availability remains largely unaffected.

Affected Version(s)

Secure Access 0 < 13.54

References

https://www.absolute.com/platform/vulnerability-archive/c...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
May 28, 2025
Vulnerability Reserved
Mar 5, 2025

JSON