CVE-2025-49080 | THREATINT

Description

There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access to the server can cause a Denial of Service by sending a specially crafted sequence of packets to the server. The attack complexity is low, there are no attack requirements, privileges, or user interaction required. Loss of availability is high; there is no impact on confidentiality or integrity.

PUBLISHED Reserved 2025-05-30 | Published 2025-06-12 | Updated 2025-06-17 | Assigner Absolute

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Product status

Default status

unaffected

9.0 (Server Version) before 13.54

affected

References

www.absolute.com/...ion/vulnerability-archive/cve-2025-49080

cve.org (CVE-2025-49080)

nvd.nist.gov (CVE-2025-49080)

Download JSON