CVE-2026-15506 - SecureAge CatchPulse Driver Vulnerability
CVE-2026-15506 - SecureAge CatchPulse Driver Vulnerability
A security vulnerability, identified as CVE-2026-15506, has been detected in SecureAge CatchPulse up to version 10.9.3. The affected element is an unknown function in the library saappctl.sys of the component Driver. Such manipulation leads to a heap-based buffer overflow. An attack must be approached locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure. This vulnerability was published on July 12, 2026.
Severity Assessment
The Common Vulnerability Scoring System (CVSS) assesses the severity of this vulnerability:
- CVSS 2.0: Score is 6.8 (MEDIUM severity) with an Exploitability Score of 3.1 and an Impact Score of 10.0.
- CVSS 3.1: Score is 7.8 (HIGH severity) with an Exploitability Score of 1.8 and an Impact Score of 5.9.
- CVSS 4.0: Score is 7.1 (HIGH severity).
Affected Vendor
The affected vendor is Secureage, with the product CatchPulse. Remotely Exploit: No, an attack must be approached locally.
Associated Weaknesses
CVE-2026-15506 is associated with:
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-122: Heap-based Buffer Overflow
Common Attack Patterns
Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which include:
- CAPEC-8: Buffer Overflow in an API Call
- CAPEC-9: Buffer Overflow in Local Command-Line Utilities
- CAPEC-10: Buffer Overflow via Environment Variables
- CAPEC-14: Client-side Injection-induced Buffer Overflow
- CAPEC-24: Filter Failure through Buffer Overflow
Remediation
To remediate this memory corruption vulnerability, users should update SecureAge CatchPulse to version 10.9.4 or later. This involves applying vendor-provided security patches and restricting local access to the driver component.