A critical vulnerability in Quest KACE Systems Management Appliance (SMA), identified as CVE-2025-32975, is being actively exploited by attackers, allowing them to bypass authentication and impersonate legitimate users. This flaw, which has been assigned a maximum CVSS score of 10, underscores the severe risk it poses to organizations relying on affected versions of the software.
The vulnerability affects Quest KACE SMA versions 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4). The flaw is rooted in an authentication bypass issue, categorized under CWE-287, which enables attackers to gain unauthorized access to systems by impersonating legitimate users without needing valid credentials.
Exploitation of this vulnerability has been confirmed in the wild, with attackers leveraging it to hijack unpatched systems. The exploitation timeline indicates that attackers began targeting this vulnerability within 300 days of its disclosure, highlighting the urgency for organizations to apply the necessary patches.
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-32975 to its Known Exploited Vulnerabilities (KEV) catalog as of April 20, 2026, emphasizing the critical nature of this threat. The inclusion in the KEV list mandates federal agencies to prioritize patching this vulnerability to mitigate potential risks.
Organizations using Quest KACE SMA are strongly advised to update their systems to the latest patched versions to protect against potential exploitation. The patches address the authentication bypass flaw, thereby preventing unauthorized access and potential system compromise.
Security teams should also review access logs for any signs of unauthorized access attempts and ensure that all systems are updated promptly. Given the high Exploit Prediction Scoring System (EPSS) score of 0.753, indicating a significant likelihood of exploitation, proactive measures are crucial to safeguard against this vulnerability.
CSURFACE