← voltar
CVE-2026-33451

Arbitrary read/write vulnerability in Windows clients prior to 14.50

CVSS 8.5 HIGHEPSS 0.1%CWE-125
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.5EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
30 abr 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N