CVE-2026-33451

EUVD-2026-26423
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure 
Access Windows client prior to 14.50. Attackers with local control of 
the Windows client can send malformed data to an API and elevate their 
level of privilege to system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
AbsoluteCNA
8.5 HIGH
LOCAL
LOW
LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 2.78%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
absolutesecure_access
𝑥
< 14.50
CNA
Common Weakness Enumeration
References
https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-33451