PatchSiren cyber security CVE debrief
CVE-2026-33443 Absolute CVE debrief
A memory management error was found in Secure Access servers prior to version 14.55. This issue allows attackers with intimate knowledge of and total control over the tunnel protocol to create a persistent denial-of-service (DoS) against the server. The vulnerability has a CVSS score of 7.1, indicating a high severity level. Administrators and security teams should be aware of this vulnerability and take necessary actions to mitigate the risk.
- Vendor
- Absolute
- Product
- Secure Access
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-15
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-15
- Advisory updated
- 2026-07-16
Who should care
Administrators and security teams responsible for Secure Access servers, especially those with versions prior to 14.55, should be aware of this vulnerability and take necessary actions to mitigate the risk. This includes reviewing and implementing the recommended actions to prevent potential exploitation.
Technical summary
CVE-2026-33443 is a memory management error in Secure Access servers prior to version 14.55. An attacker with intimate knowledge of and total control over the tunnel protocol can exploit this vulnerability to create a persistent denial-of-service (DoS) against the server. The CVSS score for this vulnerability is 7.1, indicating a high severity level. The vulnerability affects Secure Access servers prior to version 14.55.
Defensive priority
High
Recommended defensive actions
- Inventory and assess Secure Access servers for version 14.55 or later
- Apply the vendor-provided patch or upgrade to version 14.55 or later
- Monitor server logs for potential exploitation attempts
- Implement additional security controls to detect and prevent DoS attacks
- Review compensating controls for exposed systems while remediation is scheduled and verified
Evidence notes
The CVE record was published on 2026-07-15T20:16:56.780Z and last modified on 2026-07-16T02:57:06.703Z. The NVD entry is currently Analyzed. This information is based on the NVD entry and the CVE record. The vulnerability affects Secure Access servers prior to version 14.55. The CVE record and NVD entry provide additional context for this vulnerability.
Official resources
-
CVE-2026-33443 CVE record
CVE.org
-
CVE-2026-33443 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T20:16:56.780Z and has not been modified since then. The NVD entry is currently Analyzed.