CVE-2026-11459 - SecureAge CatchPulse IOCTL Vulnerability Disclosed
CVE-2026-11459 - SecureAge CatchPulse IOCTL Vulnerability Disclosed
CVE-2026-11459 - SecureAge CatchPulse IOCTL Vulnerability Disclosed 🚨
A new security vulnerability, tracked as CVE-2026-11459, has been detected in SecureAge CatchPulse up to version 10.9.1. This vulnerability affects an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to information disclosure. Local access is required to exploit this vulnerability.
The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond.
Vulnerability Details
- Date Published: June 7, 2026
- Affected Products: SecureAge CatchPulse
- CVSS V4.0 Score: AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- CVSS V3.1 Score: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- CVSS V2 Score: AV:L/AC:L/Au:S/C:P/I:N/A:N
Associated Common Weakness Enumerations (CWEs)
- CWE-200
- CWE-284
For further information, you can refer to the following links:
Stay informed and secure! 🔒
This post is licensed under CC BY 4.0 by the author.