CVE-2026-33451
Analyzed Analyzed - Analysis Complete

Arbitrary Read/Write in Secure Access Windows Client

Vulnerability report for CVE-2026-33451, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-30

Last updated on: 2026-05-05

Assigner: NetMotion Software

Description

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-30
Last Modified
2026-05-05
Generated
2026-07-06
AI Q&A
2026-05-01
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
absolute secure_access to 14.50 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-33451 is an arbitrary read/write vulnerability found in the Secure Access Windows client versions prior to 14.50. This vulnerability allows attackers who have local control of the Windows client to send malformed data to an API, which can then be exploited to elevate their privileges to the system level.

Impact Analysis

This vulnerability can have a significant impact as it allows an attacker with local access to the Windows client to escalate their privileges to system level. This means the attacker could gain full control over the affected system, potentially leading to unauthorized access, data manipulation, or disruption of system operations.

Mitigation Strategies

To mitigate the CVE-2026-33451 vulnerability, users should update the Secure Access Windows client to version 14.50 or later.

This update addresses the arbitrary read/write vulnerability that allows local attackers to escalate privileges to SYSTEM level.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33451. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart