Excess Permissions Vulnerability in Absolute Secure Access Warehouse Component
CVE-2025-54086

5.3MEDIUM

Key Information:

Vendor: Absolute Security
Status: Secure Access
Vendor: CVE Published:; 2 October 2025

🔔 Create Absolute Security Vulnerability Alert

What is CVE-2025-54086?

The excess permissions vulnerability in the Warehouse component of Absolute Secure Access allows attackers with local file system access to read the sensitive Java keystore file. This vulnerability poses a low complexity risk, requiring minimal privileges and no user interaction. Although the impact on confidentiality is narrowed, it is crucial for users to address this issue due to potential exposure of sensitive data.

Affected Version(s)

Secure Access 0

References

https://www.absolute.com/platform/security-information/vu...

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2025
Vulnerability Reserved
Jul 16, 2025

JSON