CVE-2025-49080

There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access to the server can cause a Denial of Service by sending a specially crafted sequence of packets to the server. The attack complexity is low, there are no attack requirements, privileges, or user interaction required. Loss of availability is high; there is no impact on confidentiality or integrity.

Published: Jun 12, 2025
Updated: Jun 24, 2025
CVE: CVE-2025-49080
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
absolute / secure_access	9.0	13.54.x

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49080

Vulnerability Database

289,697

CVE-2025-49080