Unrated severityNVD Advisory· Published Jul 30, 2025· Updated Jul 31, 2025

Permissions bypass vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56

CVE-2025-49082

Description

CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly read other settings. The attack complexity is low, there are no preexisting attack requirements; the privileges required are high, and there is no user interaction required. The impact to system confidentiality is low, there is no impact to system availability or integrity.

Affected products

Absolute/Secure Accessllm-fuzzy
Range: <13.56
Absolute Security/Secure Accessv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49082mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000