Arbitrary Read/Write Vulnerability in Secure Access Windows Client by Absolute
CVE-2026-33451

8.5HIGH

Key Information:

Vendor: Absolute Software
Status: Secure Access
Vendor: CVE Published:; 30 April 2026

🔔 Create Absolute Software Vulnerability Alert

What is CVE-2026-33451?

The vulnerability identified in the Secure Access Windows client allows attackers with local access to exploit the application by sending specially crafted requests to an API. This can lead to arbitrary data read and write operations, potentially enabling attackers to escalate their privileges to system levels. Users are advised to upgrade to version 14.50 or later to mitigate the risk.

Affected Version(s)

Secure Access Windows 0 < 14.50

References

https://www.absolute.com/platform/security-information/vu...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2026
Vulnerability Reserved
Mar 19, 2026

CVE-2026-33451 Data

JSON