CVE-2025-49082
BaseFortify
Publication date: 2025-07-31
Last updated on: 2025-08-05
Assigner: NetMotion Software
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| absolute | secure_access | to 13.56 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access versions prior to 13.56. It allows attackers who already have administrative access and certain permissions to bypass those permissions and improperly read other settings within the console. The attack is of low complexity, requires high privileges, and does not require user interaction. The impact is limited to low confidentiality loss, with no impact on system availability or integrity.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker with administrative access and specific permissions to read settings they should not have access to, potentially exposing sensitive configuration information. However, the impact is limited to low confidentiality loss, and it does not affect system availability or integrity.