Cross-Privilege Vulnerability in Absolute Secure Access Management Console
CVE-2025-49082

5.1MEDIUM

Key Information:

Vendor: Absolute Security
Status: Secure Access
Vendor: CVE Published:; 31 July 2025

🔔 Create Absolute Security Vulnerability Alert

What is CVE-2025-49082?

This vulnerability allows attackers with administrative access to Absolute Secure Access's management console to bypass assigned permissions, potentially exposing sensitive settings. Attackers do not need any preconditions to exploit this flaw, emphasizing the importance of securing administrative roles. Although the impact on confidentiality is limited and there's no risk to system integrity or availability, organizations must address this exposure to ensure robust security practices.

Affected Version(s)

Secure Access 0 < 13.56

References

https://www.absolute.com/platform/security-information/vu...

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2025