Deserialization Vulnerability in Management Console of Absolute Secure Access
CVE-2025-49083

7HIGH

Key Information:

Vendor

Absolute Security

Status
Secure Access
Vendor
CVE Published:
31 July 2025

What is CVE-2025-49083?

The vulnerability in the management console of Absolute Secure Access allows attackers with administrative access to cause unsafe content to be deserialized and executed. This flaw could result in serious integrity issues within the management console, as attackers can exploit this weakness without any user interaction. While the risk to the confidentiality and integrity of subsequent systems is low, organizations should apply available updates to mitigate potential exploitation.

Affected Version(s)

Secure Access 12.00 < 13.56

References

https://www.absolute.com/platform/security-information/vu...

CVSS V4

Score:
7
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

JSON
.