1. Home
  2. Vulnerabilities
  3. CVE-2025-32975
Known Exploited Vulnerability
10.0
CRITICAL CVSS 3.1
CVE-2025-32975
Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability - [Actively Exploited]
Overview
Description

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.

Details
INFO

Published Date :

June 24, 2025, 3:15 p.m.

Last Modified :

April 21, 2026, 2:09 p.m.

Remotely Exploit :

Yes !

Source :

[email protected]
CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attackers to impersonate legitimate users without valid credentials.

Required Action :

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Known Ransomware Campaign Use:

Unknown

Notes :

https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32975

Impact
Affected Products

The following products are affected by CVE-2025-32975 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Quest kace_systems_management_appliance
: Total Affected Vendor : 1 | Products : 1
Scoring
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 CRITICAL 134c704f-9b21-4f2e-91b3-4a467353bcc0
Solution
Update Quest KACE SMA to a patched version to fix the authentication bypass vulnerability.
  • Update to Quest KACE SMA version 13.0.385 or later.
  • Update to Quest KACE SMA version 13.1.81 or later.
  • Update to Quest KACE SMA version 13.2.183 or later.
  • Update to Quest KACE SMA version 14.0.341 or later.
References
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-32975.

URL Resource
https://seclists.org/fulldisclosure/2025/Jun/22 Mailing List Third Party Advisory
https://seralys.com/research/CVE-2025-32975.txt Third Party Advisory
https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978 Vendor Advisory
http://seclists.org/fulldisclosure/2025/Jun/25 Mailing List Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32975 US Government Resource
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-32975 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-32975 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-32975 vulnerability anywhere in the article.

  • Daily CyberSecurity
MOVEit WAF Critical Alert: Multi-Level RCE and WAF Bypass Vulnerabilities Disclosed

Progress Software has released a critical security bulletin for April 2026, revealing five high-impact vulnerabilities affecting MOVEit WAF and related Application Delivery Controller (ADC) products. ... Read more

Published Date: Apr 21, 2026 (4 hours, 30 minutes ago)
  • Help Net Security
CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)

CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a Cisco Catalyst SD-WAN Manager vulnerability (CVE-2026-20133) that Cisco has yet to flag as exploi ... Read more

Published Date: Apr 21, 2026 (5 hours, 49 minutes ago)
  • Daily CyberSecurity
Nexcorium Botnet Turns Unpatched DVRs into DDoS Foot Soldiers

Security researchers at FortiGuard Labs have uncovered a sophisticated campaign deploying Nexcorium, a multi-architecture Mirai variant that turns unpatched digital video recorders (DVRs) into foot so ... Read more

Published Date: Apr 21, 2026 (8 hours, 5 minutes ago)
  • The Cyber Express
CISA Adds 8 Exploited Vulnerabilities Affecting Cisco, Zimbra, TeamCity

The Cybersecurity and Infrastructure Security Agency (CISA) have expanded its Known Exploited Vulnerabilities, commonly referred to as the KEV catalog, with eight newly identified security flaws that ... Read more

Published Date: Apr 21, 2026 (8 hours, 46 minutes ago)
  • The Hacker News
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco C ... Read more

Published Date: Apr 21, 2026 (10 hours, 53 minutes ago)
  • Daily CyberSecurity
CISA Warns of Active Exploitation in Cisco, PaperCut, and Zimbra

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding eight high-impact flaws. The update comes following confirmed evidenc ... Read more

Published Date: Apr 21, 2026 (14 hours, 7 minutes ago)
  • Daily CyberSecurity
Progress Kemp LoadMaster Alert: Multiple RCE and WAF Bypass Flaws Patched

The Progress Kemp LoadMaster team has confirmed a significant security event involving five high-severity vulnerabilities affecting its application delivery controllers. These flaws, which impact both ... Read more

Published Date: Apr 21, 2026 (15 hours, 6 minutes ago)
  • Daily CyberSecurity
ASUSTOR Issues Critical Patch: Command Injection Vulnerability Threatens ADM Users

ASUSTOR has issued an urgent security advisory regarding a high-severity command injection vulnerability impacting its ASUSTOR Data Master (ADM) operating system. Identified as CVE-2026-6644, this fla ... Read more

Published Date: Apr 21, 2026 (15 hours, 15 minutes ago)
  • Daily CyberSecurity
ZionSiphon: The “Defanged” Malware Aiming for the Water Supply

A new and highly specialized malware threat has emerged in the industrial cybersecurity landscape, signaling a targeted effort to disrupt critical infrastructure. Security researchers from Darktrace r ... Read more

Published Date: Apr 21, 2026 (16 hours, 15 minutes ago)
  • Daily CyberSecurity
Critical Security Update: IBM Patches Multiple Vulnerabilities in Verify Identity and Access

IBM has released a comprehensive bulletin addressing a series of vulnerabilities within its Verify Identity Access and Security Verify Access product lines. The flaws range from low-impact redirection ... Read more

Published Date: Apr 08, 2026 (1 week, 6 days ago)
  • TheCyberThrone
Quest KACE SMA flaw CVE-2025-32975 Actively Exploited

March 23, 2026OverviewCVE-2025-32975 is a critical authentication bypass vulnerability in Quest KACE SMA’s SSO authentication handling mechanism. The root cause lies in improper validation of authenti ... Read more

Published Date: Mar 23, 2026 (4 weeks, 1 day ago)
  • The Hacker News
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The cybersecurity company said it obser ... Read more

Published Date: Mar 23, 2026 (4 weeks, 1 day ago)
  • Daily CyberSecurity
Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems

QNAP Systems, Inc. has issued a critical security advisory for users of its QVR Pro surveillance solution. A high-severity vulnerability, tracked as CVE-2026-22898 with a CVSS score of 9.3, could allo ... Read more

Published Date: Mar 21, 2026 (1 month ago)
  • Daily CyberSecurity
Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover

Oracle has issued an urgent security alert following the discovery of a “Critical” rated vulnerability impacting its Fusion Middleware ecosystem. The flaw, tracked as CVE-2026-21992, carries a CVSS sc ... Read more

Published Date: Mar 21, 2026 (1 month ago)
  • Daily CyberSecurity
PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw

Apple has broken new ground in its defensive strategy, utilizing a “Background Security Improvements” feature to deliver an out-of-band fix for a significant cross-origin vulnerability. The flaw, trac ... Read more

Published Date: Mar 21, 2026 (1 month ago)
  • Daily CyberSecurity
Two High-Severity Spring Boot Flaws Expose Actuator Endpoints

Security researchers have issued a double warning for developers using the Spring Boot framework, identifying two high-severity vulnerabilities that could allow attackers to bypass authentication. The ... Read more

Published Date: Mar 20, 2026 (1 month ago)
  • Daily CyberSecurity
PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes

Security researchers Len Sadowski and Oğuz Bektaş have publicly pulled back the curtain on a vulnerability within Windows’ implementation of libarchive. The flaw, tracked as CVE-2025-59284, demonstrat ... Read more

Published Date: Mar 20, 2026 (1 month ago)
  • Daily CyberSecurity
High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets

A high-severity security flaw has been identified in ingress-nginx, a widely used Ingress controller for Kubernetes clusters. The vulnerability, tracked as CVE-2026-4342 with a CVSS score of 8.8, coul ... Read more

Published Date: Mar 20, 2026 (1 month ago)
  • Daily CyberSecurity
The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail

Image: Seqrite Labs A sophisticated cyberespionage campaign, dubbed Operation GhostMail, has been detected targeting critical government infrastructure in Ukraine. Security researchers at Seqrite Labs ... Read more

Published Date: Mar 20, 2026 (1 month ago)
  • Daily CyberSecurity
The Silent Leak: Critical 9.1 CVSS Spring Security Flaw Strips Away Vital HTTP Headers

A critical-severity security flaw has been identified in Spring Security, the industry-standard framework for securing Java-based enterprise applications. The vulnerability, tracked as CVE-2026-22732 ... Read more

Published Date: Mar 20, 2026 (1 month ago)

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-32975 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Apr. 21, 2026

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:* versions from (including) 13.0 up to (excluding) 13.0.385 *cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:* versions from (including) 13.1 up to (excluding) 13.1.81 *cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:* versions from (including) 13.2 up to (excluding) 13.2.183 *cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:* versions from (including) 14.0 up to (excluding) 14.0.341 *cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:* versions from (including) 14.1 up to (excluding) 14.1.101
    Added Reference Type CVE: http://seclists.org/fulldisclosure/2025/Jun/25 Types: Mailing List, Third Party Advisory
    Added Reference Type MITRE: https://seclists.org/fulldisclosure/2025/Jun/22 Types: Mailing List, Third Party Advisory
    Added Reference Type MITRE: https://seralys.com/research/CVE-2025-32975.txt Types: Third Party Advisory
    Added Reference Type MITRE: https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978 Types: Vendor Advisory
    Added Reference Type CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32975 Types: US Government Resource
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Apr. 21, 2026

    Action Type Old Value New Value
    Added Date Added 2026-04-20
    Added Due Date 2026-05-04
    Added Required Action Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    Added Vulnerability Name Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Apr. 20, 2026

    Action Type Old Value New Value
    Added Reference https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32975
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 03, 2025

    Action Type Old Value New Value
    Added Reference http://seclists.org/fulldisclosure/2025/Jun/25
  • New CVE Received by [email protected]

    Jun. 24, 2025

    Action Type Old Value New Value
    Added Description Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.
    Added Reference https://seclists.org/fulldisclosure/2025/Jun/22
    Added Reference https://seralys.com/research/CVE-2025-32975.txt
    Added Reference https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 24, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    Added CWE CWE-287
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
Base CVSS Score: 10
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact