cvedb.io
CVE-2025-27702
MEDIUM · CVSS 4.9
EPSS exploitation probability: 0%
Published 2025-05-28T21:15:21.307 · Last modified 2026-06-17T09:04:05.183

Summary

CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly modify settings. The attack complexity is low, there are no preexisting attack requirements; the privileges required are high, and there is no user interaction required. There is no impact to system confidentiality or availability, impact to system integrity is high.

Affected products

absolute — secure_access

Does this affect you?

Add your gear to cvedb and we'll alert you only when absolute ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.