HIGHCVE-2026-33451Published Modified CNA Absolute
CVE-2026-33451: Arbitrary read/write vulnerability in Windows clients prior to 14.50
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system.
Metrics
- CVSS v4.0
- 8.5
- Severity
- HIGH
- Fixed in
- 14.50
- Affected Products
- 1
Fix available
14.50
Affected packages
- Absolute Software / Secure Access< 14.50 (from 0)
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences