PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-33443 Absolute CVE debrief

A memory management error was found in Secure Access servers prior to version 14.55. This issue allows attackers with intimate knowledge of and total control over the tunnel protocol to create a persistent denial-of-service (DoS) against the server. The vulnerability has a CVSS score of 7.1, indicating a high severity level. Administrators and security teams should be aware of this vulnerability and take necessary actions to mitigate the risk.

Vendor
Absolute
Product
Secure Access
CVSS
HIGH 7.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-15
Original CVE updated
2026-07-16
Advisory published
2026-07-15
Advisory updated
2026-07-16

Who should care

Administrators and security teams responsible for Secure Access servers, especially those with versions prior to 14.55, should be aware of this vulnerability and take necessary actions to mitigate the risk. This includes reviewing and implementing the recommended actions to prevent potential exploitation.

Technical summary

CVE-2026-33443 is a memory management error in Secure Access servers prior to version 14.55. An attacker with intimate knowledge of and total control over the tunnel protocol can exploit this vulnerability to create a persistent denial-of-service (DoS) against the server. The CVSS score for this vulnerability is 7.1, indicating a high severity level. The vulnerability affects Secure Access servers prior to version 14.55.

Defensive priority

High

Recommended defensive actions

  • Inventory and assess Secure Access servers for version 14.55 or later
  • Apply the vendor-provided patch or upgrade to version 14.55 or later
  • Monitor server logs for potential exploitation attempts
  • Implement additional security controls to detect and prevent DoS attacks
  • Review compensating controls for exposed systems while remediation is scheduled and verified

Evidence notes

The CVE record was published on 2026-07-15T20:16:56.780Z and last modified on 2026-07-16T02:57:06.703Z. The NVD entry is currently Analyzed. This information is based on the NVD entry and the CVE record. The vulnerability affects Secure Access servers prior to version 14.55. The CVE record and NVD entry provide additional context for this vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T20:16:56.780Z and has not been modified since then. The NVD entry is currently Analyzed.