CVE-2025-32975: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

Summary

A critical improper authentication vulnerability, identified as CVE-2025-32975, has been discovered in Quest KACE Systems Management Appliance (SMA). This flaw allows attackers to impersonate legitimate users without needing valid credentials. Organizations are urged to apply vendor-provided mitigations or consider discontinuing use if fixes are not available.

IFF Assessment

FOE

This vulnerability allows unauthenticated attackers to impersonate legitimate users, posing a significant threat to the integrity and confidentiality of managed systems.

Severity

10.0 Critical

This vulnerability has a high impact because an attacker can impersonate any user, potentially gaining extensive access to and control over the KACE SMA and the systems it manages.

CISA KEV: Listed as actively exploited. Federal patch due: May 04, 2026. Known ransomware use: Unknown.

Defender Context

Defenders should prioritize patching or applying mitigations for Quest KACE SMA immediately, especially given its potential use in ransomware campaigns. This highlights the critical need for robust authentication mechanisms in management appliances, since a compromised appliance can be used to reach every system it manages.