7.8 CVE-2026-40952

Enriched by CISA
 

CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location.
https://nvd.nist.gov/vuln/detail/CVE-2026-40952

Categories

CWE-NVD-noinfo

CWE-276 : Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files. The architecture needs to access and modification attributes for files to only those users who actually require those actions. Executables installed world-writable. Home directories installed world-readable. World-writable log files allow information loss; world-readable file has cleartext passwords. World-readable directory. Windows product uses insecure permissions when installing on Solaris (genesis: port error). Insecure permissions for a shared secret key file. Overlaps cryptographic problem. Default permissions of a device allow IP spoofing.

References

SecurityResponse@netmotionsoftware.com


 

AFFECTED (from MITRE)


Vendor Product Versions
Absolute Security Secure Access
  • < 14.55 [affected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe start end
Configuration 1
AND
   cpe:2.3:a:absolute:secure_access:*:*:*:*:*:*:*:* < 14.55
  Running on/with
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


REMEDIATION




EXPLOITS


Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
1 Accessing Functionality Not Properly Constrained by ACLs
High
127 Directory Indexing
Medium
81 Web Server Logs Tampering
High


MITRE


Techniques

id description
T1083 File and Directory Discovery
T1574.010 Hijack Execution Flow: ServicesFile Permissions Weakness
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Mitigations

id description
M1018 Limit privileges of user accounts and groups so that only authorized administrators can interact with service changes and service binary target path locations. Deny execution from user directories such as file download directories and temp directories where able.
© 2022 The MITRE Corporation. Esta obra se reproduce y distribuye con el permiso de The MITRE Corporation.