CVE-2025-49082

CVSS v4.0

5.1

Medium

Vector

AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Absolute Secure Access versions prior to 13.56

Description The issue allows attackers with administrative access to the management console and specific permissions to bypass permission restrictions and read other settings. The attack complexity is low, requiring high privileges and no user interaction. The impact on system confidentiality is low, with no impact on system availability or integrity.

Recommendations Update Absolute Secure Access to version 13.56 or later.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2025-49082

Affected Products

Absolute Secure Access

CVE-2025-49082

Weakness Enumeration

Related Identifiers

Affected Products

References · 8