CVE-2025-49084
BaseFortify
Publication date: 2025-07-31
Last updated on: 2025-08-05
Assigner: NetMotion Software
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| absolute | secure_access | to 13.56 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access versions prior to 13.56. It allows attackers who already have administrative access to overwrite policy rules without having the necessary permissions. The attack is relatively easy to perform, requires high privileges, and does not need any user interaction.
How can this vulnerability impact me? :
This vulnerability has no impact on confidentiality and availability of the management console itself, and only a low impact on its integrity. However, it can cause high impact on confidentiality and availability, and low impact on integrity of subsequent systems that rely on the policies managed by the console.