Vulnerability Details CVE-2025-49080
There is a memory management vulnerability in Absolute
Secure Access server versions 9.0 to 13.54. Attackers with network access to
the server can cause a Denial of Service by sending a specially crafted
sequence of packets to the server. The attack complexity is low, there are no
attack requirements, privileges, or user interaction required. Loss of
availability is high; there is no impact on confidentiality or integrity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.3%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-49080
-
cpe:2.3:a:absolute:secure_access:12.50
-
cpe:2.3:a:absolute:secure_access:12.70
-
cpe:2.3:a:absolute:secure_access:13.04
-
cpe:2.3:a:absolute:secure_access:13.05
-
cpe:2.3:a:absolute:secure_access:13.06
-
cpe:2.3:a:absolute:secure_access:13.07
-
cpe:2.3:a:absolute:secure_access:13.08