Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Absolute Software — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting Absolute Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Absolute Software provides endpoint management and security solutions, primarily through its Persistent Identification and Control (PIC) technology, which embeds firmware-level agents into devices to enable remote tracking and control. Historically, the platform has been associated with twenty-one recorded Common Vulnerabilities and Exposures (CVEs), reflecting a pattern of security flaws typical in complex enterprise management software. These vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insufficient access controls within the agent’s communication protocols. While no single catastrophic incident has defined the company’s public security history, the cumulative nature of these CVEs highlights ongoing challenges in securing persistent firmware-level components. The firm continues to address these issues through regular patches, though the inherent complexity of deep-system integration remains a focal point for security researchers evaluating the product’s risk profile.

Top products by Absolute Software: Secure Access
CVE IDTitleCVSSSeverityPublished
CVE-2026-40951 Memory corruption in Secure Access Windows clients prior to 14.50 — Secure Access 5.5 -2026-04-30
CVE-2026-40950 Buffer overflow in the Secure Access server prior to 14.50 — Secure Access 6.5 -2026-04-30
CVE-2026-40949 Buffer overflow in Windows clients prior to 14.50 — Secure Access 5.5 -2026-04-30
CVE-2026-33452 Buffer overflow in Windows clients prior to 14.50 — Secure Access 3.3 -2026-04-30
CVE-2026-33451 Arbitrary read/write vulnerability in Windows clients prior to 14.50 — Secure Access 7.8 -2026-04-30
CVE-2026-33450 Out of bounds read in Secure Access MacOS clients prior to 14.50 — Secure Access 7.5 -2026-04-30
CVE-2026-33449 Message handler buffer overflow in clients prior to 14.50 — Secure Access 8.2 -2026-04-30
CVE-2026-33448 Format string vulnerability in MacOS clients prior to 14.50 — Secure Access 7.5 -2026-04-30
CVE-2026-33447 Absolute Secure Access 安全漏洞 — Secure Access 9.1 -2026-04-30
CVE-2026-33446 Buffer overflow in client authentication prior to version 14.50 — Secure Access 9.1 -2026-04-30
CVE-2024-40875 Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.52 — Secure AccessCWE-79 4.8 -2024-12-20
CVE-2024-37352 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.5 Medium2024-06-20
CVE-2024-37351 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.5 Medium2024-06-20
CVE-2024-37350 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 6.5 Medium2024-06-20
CVE-2024-37349 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.5 Medium2024-06-20
CVE-2024-37348 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.5 Medium2024-06-20
CVE-2024-37347 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.5 Medium2024-06-20
CVE-2024-37346 Insufficient input validation vulnerability in the Absolute Secure Access Warehouse prior to 13.06 — Secure AccessCWE-20 4.9 Medium2024-06-20
CVE-2024-37345 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 5.3 Medium2024-06-20
CVE-2024-37344 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.5 Medium2024-06-20
CVE-2024-37343 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06 — Secure AccessCWE-79 4.8 Medium2024-06-20

This page lists every published CVE security advisory associated with Absolute Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.