Vulnerability Details CVE-2026-33451
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure
Access Windows client prior to 14.50. Attackers with local control of
the Windows client can send malformed data to an API and elevate their
level of privilege to system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.1%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2026-33451
-
cpe:2.3:a:absolute:secure_access:-
-
cpe:2.3:a:absolute:secure_access:12.00
-
cpe:2.3:a:absolute:secure_access:12.50
-
cpe:2.3:a:absolute:secure_access:12.70
-
cpe:2.3:a:absolute:secure_access:13.04
-
cpe:2.3:a:absolute:secure_access:13.05
-
cpe:2.3:a:absolute:secure_access:13.06
-
cpe:2.3:a:absolute:secure_access:13.07
-
cpe:2.3:a:absolute:secure_access:13.08
-
cpe:2.3:a:absolute:secure_access:13.54
-
cpe:2.3:a:absolute:secure_access:13.55
-
cpe:2.3:a:absolute:secure_access:13.56
-
cpe:2.3:a:absolute:secure_access:14.02
-
cpe:2.3:a:absolute:secure_access:14.10
-
cpe:2.3:a:absolute:secure_access:14.12
-
cpe:2.3:a:absolute:secure_access:14.20
-
cpe:2.3:a:absolute:secure_access:9.0
-
cpe:2.3:o:microsoft:windows:-