PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-40952 Absolute CVE debrief

CVE-2026-40952 is a high-severity privilege misconfiguration vulnerability in the Secure Access installer for Windows client and server prior to version 14.55. Attackers with local access can exploit it to elevate privileges to Administrator when Secure Access is installed in a non-default location. This vulnerability has a significant impact on organizations using Secure Access in non-standard installations. The CVSS score for this vulnerability is 8.5, indicating a high severity level. Administrators and security teams should be aware of the potential risks and take immediate action to mitigate them.

Vendor
Absolute
Product
Secure Access
CVSS
HIGH 8.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-15
Original CVE updated
2026-07-16
Advisory published
2026-07-15
Advisory updated
2026-07-16

Who should care

Administrators and security teams responsible for managing Secure Access installations, especially those with non-default installation locations, should be aware of this vulnerability and take immediate action to mitigate the risk. This includes reviewing the current installation locations, updating to the latest version, and monitoring for potential exploitation attempts.

Technical summary

The vulnerability exists in the Secure Access installer for Windows client and server versions prior to 14.55. It allows local attackers to elevate privileges to Administrator when Secure Access is installed in a non-default location. The vulnerability is caused by a misconfiguration in the installer, which can be exploited by attackers with local access. The CVSS score for this vulnerability is 8.5, indicating a high severity level. To mitigate this vulnerability, it is essential to apply the latest version (14.55 or later) of Secure Access for Windows client and server.

Defensive priority

High priority should be given to patching or mitigating this vulnerability, especially in environments where Secure Access is installed in non-default locations.

Recommended defensive actions

  • Apply the latest version (14.55 or later) of Secure Access for Windows client and server
  • Review and adjust Secure Access installation locations to ensure they are default or properly secured
  • Monitor for local exploitation attempts and anomalous privilege escalation activity
  • Implement additional access controls and monitoring for sensitive systems and data
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-07-15T20:16:57.907Z and was last modified on 2026-07-16T02:56:44.557Z. The NVD entry is currently Analyzed. The vulnerability details are based on the information available from the CVE and NVD sources. However, the scope and impact of the vulnerability might not be fully understood yet, and defenders should verify the information with the vendor and other sources for a comprehensive understanding.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T20:16:57.907Z and has not been modified since then. The NVD entry is currently Analyzed.