Secure Access Release Notes 14.21- Jan 30; 2026$$$$$$Title$$$Secure Access Release Notes 14.21$$$Content$$$Secure Access 14.21 Release Notes$$$ Secure Access 14.21 is a bugfix release for the Windows client platform only.$$$ Updates to the Secure Access client include:$$$$$$Resolved an issue with Unattended mode introduced in version 14.20. Deployments that use SAML or RADIUS with user certificates for authentication were not affected.

Secure Access Release Notes 14.21- Jan 30; 2026$$$$$$Title$$$Secure Access Release Notes 14.21$$$Content$$$Secure Access 14.21 Release Notes$$$ Secure Access 14.21 is a bugfix release for the Windows client platform only.$$$ Updates to the Secure Access client include:$$$$$$Resolved an issue with Unattended mode introduced in version 14.20. Deployments that use SAML or RADIUS with user certificates for authentication were not affected.

Secure Access Release Notes 14.20$$$$$$Jan 13; 2026Knowledge$$$$$$Title$$$Secure Access Release Notes 14.20$$$Content$$$Secure Access 14.20 Release Notes$$$$$$Secure Access 14.20 is a general maintenance release for the server and all clients that addresses several quality-of-life issues; three security vulnerabilities in Secure Access; and addresses third-party CVEs in Tomcat; Netty; and Corretto.$$$$$$For a list of security fixes; see our Secure Access 14.20 and Insights 4.31 Security Advisory.$$$$$$ $$$$$$Release Highlights$$$$$$Updates to the Secure Access server include:$$$$$$Improved warehouse upgrade process by addressing an issue with re-indexing at scale.$$$Improved error handling to address an infrequent networking issue that could cause a crash.$$$Improved failover behavior when using RADIUS for device authentication.$$$Resolved miscellaneous bugs that could interrupt access to the Rules page in Policy; the console roles page in RBAC; and interrupt the ability to generate support logs.$$$(ZTNA only) Resolved a bug where RADIUS server responses quit being seen after connector disconnects and reconnects.$$$Updates to the Windows client include:$$$$$$Improved NAC compliance checking. $$$Updates to the macOS client include:$$$$$$Improved logging related to captive portal detection.$$$ $$$$$$For a list of fixes for this release; see: Secure Access 14.20 Known and Resolved Issues$$$$$$URL Name$$$Secure-Access-Release-Notes-1420

Secure Access Release Notes 14.20$$$$$$Jan 13; 2026Knowledge$$$$$$Title$$$Secure Access Release Notes 14.20$$$Content$$$Secure Access 14.20 Release Notes$$$$$$Secure Access 14.20 is a general maintenance release for the server and all clients that addresses several quality-of-life issues; three security vulnerabilities in Secure Access; and addresses third-party CVEs in Tomcat; Netty; and Corretto.$$$$$$For a list of security fixes; see our Secure Access 14.20 and Insights 4.31 Security Advisory.$$$$$$ $$$$$$Release Highlights$$$$$$Updates to the Secure Access server include:$$$$$$Improved warehouse upgrade process by addressing an issue with re-indexing at scale.$$$Improved error handling to address an infrequent networking issue that could cause a crash.$$$Improved failover behavior when using RADIUS for device authentication.$$$Resolved miscellaneous bugs that could interrupt access to the Rules page in Policy; the console roles page in RBAC; and interrupt the ability to generate support logs.$$$(ZTNA only) Resolved a bug where RADIUS server responses quit being seen after connector disconnects and reconnects.$$$Updates to the Windows client include:$$$$$$Improved NAC compliance checking. $$$Updates to the macOS client include:$$$$$$Improved logging related to captive portal detection.$$$ $$$$$$For a list of fixes for this release; see: Secure Access 14.20 Known and Resolved Issues$$$$$$URL Name$$$Secure-Access-Release-Notes-1420

Secure Access Release Notes 14.20$$$$$$Jan 13; 2026Knowledge$$$$$$Title$$$Secure Access Release Notes 14.20$$$Content$$$Secure Access 14.20 Release Notes$$$$$$Secure Access 14.20 is a general maintenance release for the server and all clients that addresses several quality-of-life issues; three security vulnerabilities in Secure Access; and addresses third-party CVEs in Tomcat; Netty; and Corretto.$$$$$$For a list of security fixes; see our Secure Access 14.20 and Insights 4.31 Security Advisory.$$$$$$ $$$$$$Release Highlights$$$$$$Updates to the Secure Access server include:$$$$$$Improved warehouse upgrade process by addressing an issue with re-indexing at scale.$$$Improved error handling to address an infrequent networking issue that could cause a crash.$$$Improved failover behavior when using RADIUS for device authentication.$$$Resolved miscellaneous bugs that could interrupt access to the Rules page in Policy; the console roles page in RBAC; and interrupt the ability to generate support logs.$$$(ZTNA only) Resolved a bug where RADIUS server responses quit being seen after connector disconnects and reconnects.$$$Updates to the Windows client include:$$$$$$Improved NAC compliance checking. $$$Updates to the macOS client include:$$$$$$Improved logging related to captive portal detection.$$$ $$$$$$For a list of fixes for this release; see: Secure Access 14.20 Known and Resolved Issues$$$$$$URL Name$$$Secure-Access-Release-Notes-1420

Secure Access Release Notes 14.12$$$$$$Secure Access 14.12 Release Notes$$$$$$14.12 is a general maintenance release for all customers and includes the server and all client platforms. The update addresses several quality-of-life issues and two security vulnerabilities that would allow attackers to crash the server or a client.$$$$$$Server updates include:$$$$$$Security fix for a denial-of-service CVE; rated 8.2 – High.$$$Resolved an issue with the connections page that could keep it from loading.$$$Resolved an issue with console roles when combining the ‘SSO Only’ role with the default admin role.$$$Resolved an issue with policy UI when using process names as conditions.$$$Updates for all clients include:$$$$$$Resolved an issue with device-only authentication prompting the user after upgrading to 14.10.$$$Windows client updates include:$$$$$$Security fix for a denial-of-service CVE; rated 6.0 – Medium.$$$Improved compatibility with Axon body cameras after upgrading to 14.10.$$$Improved bypass mode reliability during network transitions.$$$For details regarding security fixes in this release; see our security advisory for Secure Access 14.12.$$$$$$For details regarding all other fixes; see Secure Access v14.1x Known and Resolved Issues (KARI).

Secure Access Release Notes 14.12$$$$$$Secure Access 14.12 Release Notes$$$$$$14.12 is a general maintenance release for all customers and includes the server and all client platforms. The update addresses several quality-of-life issues and two security vulnerabilities that would allow attackers to crash the server or a client.$$$$$$Server updates include:$$$$$$Security fix for a denial-of-service CVE; rated 8.2 – High.$$$Resolved an issue with the connections page that could keep it from loading.$$$Resolved an issue with console roles when combining the ‘SSO Only’ role with the default admin role.$$$Resolved an issue with policy UI when using process names as conditions.$$$Updates for all clients include:$$$$$$Resolved an issue with device-only authentication prompting the user after upgrading to 14.10.$$$Windows client updates include:$$$$$$Security fix for a denial-of-service CVE; rated 6.0 – Medium.$$$Improved compatibility with Axon body cameras after upgrading to 14.10.$$$Improved bypass mode reliability during network transitions.$$$For details regarding security fixes in this release; see our security advisory for Secure Access 14.12.$$$$$$For details regarding all other fixes; see Secure Access v14.1x Known and Resolved Issues (KARI).

Secure Access Release Notes 14.12$$$$$$Secure Access 14.12 Release Notes$$$$$$14.12 is a general maintenance release for all customers and includes the server and all client platforms. The update addresses several quality-of-life issues and two security vulnerabilities that would allow attackers to crash the server or a client.$$$$$$Server updates include:$$$$$$Security fix for a denial-of-service CVE; rated 8.2 – High.$$$Resolved an issue with the connections page that could keep it from loading.$$$Resolved an issue with console roles when combining the ‘SSO Only’ role with the default admin role.$$$Resolved an issue with policy UI when using process names as conditions.$$$Updates for all clients include:$$$$$$Resolved an issue with device-only authentication prompting the user after upgrading to 14.10.$$$Windows client updates include:$$$$$$Security fix for a denial-of-service CVE; rated 6.0 – Medium.$$$Improved compatibility with Axon body cameras after upgrading to 14.10.$$$Improved bypass mode reliability during network transitions.$$$For details regarding security fixes in this release; see our security advisory for Secure Access 14.12.$$$$$$For details regarding all other fixes; see Secure Access v14.1x Known and Resolved Issues (KARI).

Secure Access Release Notes 14.10$$$$$$Secure Access 14.10 is a feature release for all customers that supports faster throughput on faster networks; Android 16; and has numerous other quality-of-life improvements. It also addresses four security vulnerabilities in Secure Access the most severe of which is rated 5.5 – Medium. In addition; v14.10 addresses 14 vulnerabilities in third-party packages from the Apache foundation; Amazon Corretto; the OpenSSL foundation; and the Libarchive project. The most severe of the third-party vulnerabilities is scored 8.6 - High.$$$$$$For a list of security fixes; see our Secure Access 14.10 and Insights 4.30 Security Advisory.$$$$$$ $$$$$$Release Highlights$$$$$$Improved performance on fast networks$$$$$$We have enhanced performance for Secure Access servers and clients (v14.1x and later) so that you will experience higher throughput when using new; faster networks such as 5G.$$$$$$Host group automatic updates$$$$$$When you create policy using common host groups for well-known cloud services (for example Office 365); you can now configure automatic updates of host group and address lists.$$$$$$Unified client$$$$$$Version 14.10 is for all customers including self-hosted customers. $$$$$$Product usage telemetry$$$$$$To provide improved support and recommendations; Absolute will collect Product Usage Data as defined in the Master Subscription Agreement. Product Usage Data is information about server deployments regarding how the product is used; such as license consumption; server specs related to system requirements; and utilized console settings. It does not include Customer Data and does not collect information on individual devices/users.$$$$$$ $$$$$$Windows server updates also include:$$$$$$New APIs to monitor the status of the Publisher and Reputation Service.$$$New Secure Web Gateway protection level policy which includes Dual AV scan and Data Loss Prevention. $$$Reduced minimum value to 30 days (from 45) for the Disconnected Device Retention Period setting.$$$New “View Only Monitoring” role to Role Based Access templates.$$$New “Flow Message Logging” setting to enable servers to publish client flow logging to syslog. $$$New “Policy Active in Bypass Mode” setting which enables Block action policies to trigger in Bypass Mode while other policy actions will continue to be routed outside tunnel.$$$Client updates include:$$$$$$Added support for Android 16$$$Removed support for the 32-bit version of the Windows client. $$$ $$$$$$For a list of fixes for this release; see: Secure Access 14.10 Known and Resolved Issues$$$$$$For information on Insights for Network 4.30; see: Insights for Network 4.30 Release Notes

Secure Access Release Notes 14.10$$$$$$Secure Access 14.10 is a feature release for all customers that supports faster throughput on faster networks; Android 16; and has numerous other quality-of-life improvements. It also addresses four security vulnerabilities in Secure Access the most severe of which is rated 5.5 – Medium. In addition; v14.10 addresses 14 vulnerabilities in third-party packages from the Apache foundation; Amazon Corretto; the OpenSSL foundation; and the Libarchive project. The most severe of the third-party vulnerabilities is scored 8.6 - High.$$$$$$For a list of security fixes; see our Secure Access 14.10 and Insights 4.30 Security Advisory.$$$$$$ $$$$$$Release Highlights$$$$$$Improved performance on fast networks$$$$$$We have enhanced performance for Secure Access servers and clients (v14.1x and later) so that you will experience higher throughput when using new; faster networks such as 5G.$$$$$$Host group automatic updates$$$$$$When you create policy using common host groups for well-known cloud services (for example Office 365); you can now configure automatic updates of host group and address lists.$$$$$$Unified client$$$$$$Version 14.10 is for all customers including self-hosted customers. $$$$$$Product usage telemetry$$$$$$To provide improved support and recommendations; Absolute will collect Product Usage Data as defined in the Master Subscription Agreement. Product Usage Data is information about server deployments regarding how the product is used; such as license consumption; server specs related to system requirements; and utilized console settings. It does not include Customer Data and does not collect information on individual devices/users.$$$$$$ $$$$$$Windows server updates also include:$$$$$$New APIs to monitor the status of the Publisher and Reputation Service.$$$New Secure Web Gateway protection level policy which includes Dual AV scan and Data Loss Prevention. $$$Reduced minimum value to 30 days (from 45) for the Disconnected Device Retention Period setting.$$$New “View Only Monitoring” role to Role Based Access templates.$$$New “Flow Message Logging” setting to enable servers to publish client flow logging to syslog. $$$New “Policy Active in Bypass Mode” setting which enables Block action policies to trigger in Bypass Mode while other policy actions will continue to be routed outside tunnel.$$$Client updates include:$$$$$$Added support for Android 16$$$Removed support for the 32-bit version of the Windows client. $$$ $$$$$$For a list of fixes for this release; see: Secure Access 14.10 Known and Resolved Issues$$$$$$For information on Insights for Network 4.30; see: Insights for Network 4.30 Release Notes

Secure Access Release Notes 14.10$$$$$$Secure Access 14.10 is a feature release for all customers that supports faster throughput on faster networks; Android 16; and has numerous other quality-of-life improvements. It also addresses four security vulnerabilities in Secure Access the most severe of which is rated 5.5 – Medium. In addition; v14.10 addresses 14 vulnerabilities in third-party packages from the Apache foundation; Amazon Corretto; the OpenSSL foundation; and the Libarchive project. The most severe of the third-party vulnerabilities is scored 8.6 - High.$$$$$$For a list of security fixes; see our Secure Access 14.10 and Insights 4.30 Security Advisory.$$$$$$ $$$$$$Release Highlights$$$$$$Improved performance on fast networks$$$$$$We have enhanced performance for Secure Access servers and clients (v14.1x and later) so that you will experience higher throughput when using new; faster networks such as 5G.$$$$$$Host group automatic updates$$$$$$When you create policy using common host groups for well-known cloud services (for example Office 365); you can now configure automatic updates of host group and address lists.$$$$$$Unified client$$$$$$Version 14.10 is for all customers including self-hosted customers. $$$$$$Product usage telemetry$$$$$$To provide improved support and recommendations; Absolute will collect Product Usage Data as defined in the Master Subscription Agreement. Product Usage Data is information about server deployments regarding how the product is used; such as license consumption; server specs related to system requirements; and utilized console settings. It does not include Customer Data and does not collect information on individual devices/users.$$$$$$ $$$$$$Windows server updates also include:$$$$$$New APIs to monitor the status of the Publisher and Reputation Service.$$$New Secure Web Gateway protection level policy which includes Dual AV scan and Data Loss Prevention. $$$Reduced minimum value to 30 days (from 45) for the Disconnected Device Retention Period setting.$$$New “View Only Monitoring” role to Role Based Access templates.$$$New “Flow Message Logging” setting to enable servers to publish client flow logging to syslog. $$$New “Policy Active in Bypass Mode” setting which enables Block action policies to trigger in Bypass Mode while other policy actions will continue to be routed outside tunnel.$$$Client updates include:$$$$$$Added support for Android 16$$$Removed support for the 32-bit version of the Windows client. $$$ $$$$$$For a list of fixes for this release; see: Secure Access 14.10 Known and Resolved Issues$$$$$$For information on Insights for Network 4.30; see: Insights for Network 4.30 Release Notes

Secure Access 14.02$$$$$$Secure Access 14.02 is a maintenance release for all client platforms intended for SaaS-hosted customers. Self-hosted customers will receive no added benefits from upgrading clients to version 14.0x clients. $$$$$$Client updates for all platforms include:$$$$$$Fixed a frequent issue that could block necessary passive connections due to mistaking them for outside tunnel communications.$$$Windows client updates include:$$$$$$Fixed an infrequent issue that interrupted DHCP renewals on Windows 11 that could cause applications to lose network access.

Secure Access 14.02$$$$$$Secure Access 14.02 is a maintenance release for all client platforms intended for SaaS-hosted customers. Self-hosted customers will receive no added benefits from upgrading clients to version 14.0x clients. $$$$$$Client updates for all platforms include:$$$$$$Fixed a frequent issue that could block necessary passive connections due to mistaking them for outside tunnel communications.$$$Windows client updates include:$$$$$$Fixed an infrequent issue that interrupted DHCP renewals on Windows 11 that could cause applications to lose network access.

Secure Access 14.02$$$$$$Secure Access 14.02 is a maintenance release for all client platforms intended for SaaS-hosted customers. Self-hosted customers will receive no added benefits from upgrading clients to version 14.0x clients. $$$$$$Client updates for all platforms include:$$$$$$Fixed a frequent issue that could block necessary passive connections due to mistaking them for outside tunnel communications.$$$Windows client updates include:$$$$$$Fixed an infrequent issue that interrupted DHCP renewals on Windows 11 that could cause applications to lose network access.

Secure Access 13.54$$$Important: Three Vulnerabilities Addressed in Secure Access 13.54 Server$$$$$$13.54 is a maintenance release that also addresses three security vulnerabilities that would allow attackers with administrative access to the management console to interfere with other administrators or bypass certain access controls.$$$$$$The highest CVSS 4.0 score of these vulnerabilities is 7.0 – High$$$$$$For more information on security changes see our 13.54 security advisory.$$$$$$ $$$$$$Release notes:$$$$$$Windows server updates include:$$$$$$Fixed an infrequent issue with Warehouse upgrades which would require a manual re-index of the database to resolve.$$$Added a client setting for location data which enables administrators to set accuracy tolerance (in meters). Location data outside the tolerance will be treated as inaccurate and not reported.$$$Improved error handling for rare invalid configurations (e.g. a Publisher target with blank hostname or a certificate configured in the Warehouse with an empty value.)$$$Client updates for all platforms include:$$$$$$Improved performance on high speed; high latency networks.$$$Improved performance for uploads taking place outside the tunnel on non-Windows platforms; especially iPhone and iPad devices.$$$Windows client updates include:$$$$$$Fixed a frequent issue that caused delays in renewing VIP addresses. $$$Fixed a frequent issue with NAC that caused scan results to be ignored if the NAC policy had not yet been loaded.$$$Fixed a rare issue where device authentication rejected TPM-backed certificates signed with RSA-PSS. The client will now disable RSA-PSS signature algorithm if it detects that encryption on a key and certificate pair fails.$$$Android client updates include:$$$$$$Fixed a rare issue with DNS that caused certain requests to go inside tunnel instead of outside tunnel when no active interfaces were available.$$$iOS client updates include:$$$$$$Fixed a rare issue with supervised devices blocking network traffic if the MDM enables the Content Filter without a VPN configuration. The issue occurs on first-time installations of the Secure Access client until the Content Filter is removed; or the device connects to the Secure Access server.$$$macOS client updates include:$$$$$$Fixed an intermittent issue with connection attempts getting stuck in the connecting state if the device was not rebooted after a client update or initial install.$$$Fixed a rare issue with the client blocking network traffic in the Content Filter while the client disconnected.$$$Added an option to perform bandwidth tests inside the Secure Access tunnel.

Secure Access 13.54$$$Important: Three Vulnerabilities Addressed in Secure Access 13.54 Server$$$$$$13.54 is a maintenance release that also addresses three security vulnerabilities that would allow attackers with administrative access to the management console to interfere with other administrators or bypass certain access controls.$$$$$$The highest CVSS 4.0 score of these vulnerabilities is 7.0 – High$$$$$$For more information on security changes see our 13.54 security advisory.$$$$$$ $$$$$$Release notes:$$$$$$Windows server updates include:$$$$$$Fixed an infrequent issue with Warehouse upgrades which would require a manual re-index of the database to resolve.$$$Added a client setting for location data which enables administrators to set accuracy tolerance (in meters). Location data outside the tolerance will be treated as inaccurate and not reported.$$$Improved error handling for rare invalid configurations (e.g. a Publisher target with blank hostname or a certificate configured in the Warehouse with an empty value.)$$$Client updates for all platforms include:$$$$$$Improved performance on high speed; high latency networks.$$$Improved performance for uploads taking place outside the tunnel on non-Windows platforms; especially iPhone and iPad devices.$$$Windows client updates include:$$$$$$Fixed a frequent issue that caused delays in renewing VIP addresses. $$$Fixed a frequent issue with NAC that caused scan results to be ignored if the NAC policy had not yet been loaded.$$$Fixed a rare issue where device authentication rejected TPM-backed certificates signed with RSA-PSS. The client will now disable RSA-PSS signature algorithm if it detects that encryption on a key and certificate pair fails.$$$Android client updates include:$$$$$$Fixed a rare issue with DNS that caused certain requests to go inside tunnel instead of outside tunnel when no active interfaces were available.$$$iOS client updates include:$$$$$$Fixed a rare issue with supervised devices blocking network traffic if the MDM enables the Content Filter without a VPN configuration. The issue occurs on first-time installations of the Secure Access client until the Content Filter is removed; or the device connects to the Secure Access server.$$$macOS client updates include:$$$$$$Fixed an intermittent issue with connection attempts getting stuck in the connecting state if the device was not rebooted after a client update or initial install.$$$Fixed a rare issue with the client blocking network traffic in the Content Filter while the client disconnected.$$$Added an option to perform bandwidth tests inside the Secure Access tunnel.