PatchSiren cyber security CVE debrief
CVE-2026-40952 Absolute CVE debrief
CVE-2026-40952 is a high-severity privilege misconfiguration vulnerability in the Secure Access installer for Windows client and server prior to version 14.55. Attackers with local access can exploit it to elevate privileges to Administrator when Secure Access is installed in a non-default location. This vulnerability has a significant impact on organizations using Secure Access in non-standard installations. The CVSS score for this vulnerability is 8.5, indicating a high severity level. Administrators and security teams should be aware of the potential risks and take immediate action to mitigate them.
- Vendor
- Absolute
- Product
- Secure Access
- CVSS
- HIGH 8.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-15
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-15
- Advisory updated
- 2026-07-16
Who should care
Administrators and security teams responsible for managing Secure Access installations, especially those with non-default installation locations, should be aware of this vulnerability and take immediate action to mitigate the risk. This includes reviewing the current installation locations, updating to the latest version, and monitoring for potential exploitation attempts.
Technical summary
The vulnerability exists in the Secure Access installer for Windows client and server versions prior to 14.55. It allows local attackers to elevate privileges to Administrator when Secure Access is installed in a non-default location. The vulnerability is caused by a misconfiguration in the installer, which can be exploited by attackers with local access. The CVSS score for this vulnerability is 8.5, indicating a high severity level. To mitigate this vulnerability, it is essential to apply the latest version (14.55 or later) of Secure Access for Windows client and server.
Defensive priority
High priority should be given to patching or mitigating this vulnerability, especially in environments where Secure Access is installed in non-default locations.
Recommended defensive actions
- Apply the latest version (14.55 or later) of Secure Access for Windows client and server
- Review and adjust Secure Access installation locations to ensure they are default or properly secured
- Monitor for local exploitation attempts and anomalous privilege escalation activity
- Implement additional access controls and monitoring for sensitive systems and data
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-15T20:16:57.907Z and was last modified on 2026-07-16T02:56:44.557Z. The NVD entry is currently Analyzed. The vulnerability details are based on the information available from the CVE and NVD sources. However, the scope and impact of the vulnerability might not be fully understood yet, and defenders should verify the information with the vendor and other sources for a comprehensive understanding.
Official resources
-
CVE-2026-40952 CVE record
CVE.org
-
CVE-2026-40952 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T20:16:57.907Z and has not been modified since then. The NVD entry is currently Analyzed.