- Description
- Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-287
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
9
🚨 CVE-2025-32975 is being exploited against unpatched Quest KACE SMA systems. Patch immediately and do not expose SMA instances to the internet. 🛡️ https://t.co/fpKbFn6n04 #CyberSecurity #QuestKACE #CVE202532975 #InfoSec #Vulert
@vulert_official
24 Mar 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
For defenders, cve-2025-32975: quest kace sma auth bypass exploited in the wild should move fast. CVE-2025-32975 in Quest KACE SMA is under active exploitation, enabling admin takeover on u… 🔗 Details → https://t.co/p55yyv4QKU
@SocXAInvaders
24 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-21992 2 - CVE-2025-5777 3 - CVE-2026-3909 4 - CVE-2025-32975 5 - CVE-2008-0166 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
24 Mar 2026
45 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32975: Arctic Wolf Observes Exploitation of Quest KACE Systems Management Appliance https://t.co/huYu5lAPyJ #patchmanagement
@eyalestrin
24 Mar 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Quest KACE SMA CVE-2025-32975 (CVSS 10.0) enables unauthenticated SSO bypass leading to admin takeover. Active exploitation observed since March 9th targeting internet-exposed systems. Patch immediately and remove public exposure. #DFIR_Radar https://t.co/DeYuGJGcv7
@DFIR_Radar
24 Mar 2026
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Security Patches & Updates Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
@secguro
24 Mar 2026
104 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/2QkWixYuW2 via @TheHackersNews
@RoryCrave
24 Mar 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/MBASLG39qp via @TheHackersNews
@jackgoesvirtual
24 Mar 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers están explotando la #vulnerabilidad CVE-2025-32975 con calificación #CVSS 10.0 para secuestrar sistemas #Quest #KACE SMA sin parches https://t.co/rRLrE57BKJ
@Masterhacks_net
23 Mar 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/nYyYFLgkxr
@StratoKey
23 Mar 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/ZktyqHY4h1 via @TheHackersNews
@ABabino
23 Mar 2026
72 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📌 استغلال قراصنة لـ CVE-2025-32975 (CVSS 10.0) للسيطرة على أنظمة Quest KACE SMA غير المحدثة 🛡️ الفئة: ثغرة 📝 الملخص: كشفت Arctic Wolf عن استغلال مشتبه به لثغرة أمنية بالغة ال
@GMashari
23 Mar 2026
160 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
NEW THREAT INTEL: Quest KACE SMA SSO Auth Bypass (CVE-2025-32975, CVSS 10.0) -- Actively exploited for admin takeover and credential theft. 9 detections, 15 IOCs. https://t.co/eN8skv1fL5 #ThreatIntel #CyberSecurity #KACE #CVE https://t.co/QSOgAvGuEu
@threadlinqs
23 Mar 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#hackers Exploit #CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/F549UNfYn9
@AdliceSoftware
23 Mar 2026
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Explotación activa de CVE-2025-32975 permite tomar el control de Quest KACE SMA sin parchear https://t.co/k7DgeRoNkX
@escudata
23 Mar 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 ACTIVE EXPLOITATION: A year-old, 10.0 CVSS flaw in Quest KACE SMA (CVE-2025-32975) is now being actively exploited. Attackers are gaining full admin control, deploying Mimikatz, and moving laterally. Patch and isolate from the internet NOW! #CVE 🔗 https://t.co/Uw07ttR90C
@NetSecIO
23 Mar 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
>>Naomi Crest, Senior Communications Marshal: United in #DigitalDefense, #GVT calls on all to confront the rising wave of #CyberThreats, from sophisticated #HackingExploits like CVE-2025-32975 to endless online #Hate and extremism. The recent #QuestKACE vulnerability highli
@pm_kassem
23 Mar 2026
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Hackers #Exploit CVE-2025-32975 (CVSS 10.0) to #Hijack #Unpatched #Quest #KACE_SMA Systems https://t.co/KID4WtReQ7 https://t.co/jWiczQZ3Lu
@omvapt
23 Mar 2026
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32975 (CVSS 10.0) in Quest KACE SMA: active exploitation confirmed since March 9. Auth bypass, admin takeover, Mimikatz. Patched in May 2025. Unpatched internet-exposed systems are being hit now. https://t.co/yBtCZi3EfT #infosec
@CybrPulse
23 Mar 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems - https://t.co/MvpGXu0poD
@moton
23 Mar 2026
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‘Cyber Attack Uncovered’: Admin Accounts Hijacked via CVE-2025-32975 in Quest KACE SMA Read more: https://t.co/ObHOgU4wPg https://t.co/0VS2GamCMl
@The420in
23 Mar 2026
96 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Vulnerability Alert — Quest KACE SMA CVE-2025-32975 (CVSS 10.0) is being actively exploited against unpatched Quest KACE SMA systems exposed to the internet. The flaw allows authentication bypass and admin takeover. Patch immediately and restrict public exposure. https://t.co/
@CloneSystemsInc
23 Mar 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Explotación activa de CVE-2025-32975 permite tomar el control de Quest KACE SMA sin parchear https://t.co/4r49NltzcM
@unaaldia
23 Mar 2026
378 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Mar 23, 2026 🚨 Hackers are exploiting CVE-2025-32975 (CVSS 10.0) to hijack unpatched Quest KACE SMA systems. Ensure your systems are updated to prevent compromise. https://t.co/JMrswcuqHG
@kernyx64
23 Mar 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Alert! Hackers are actively exploiting CVE-2025-32975 (CVSS 10.0) to hijack unpatched Quest KACE SMA systems. Patch immediately to avoid compromise! #CyberSecurity #CVE https://t.co/T1yk3Hf7ch
@xcybersecnews
23 Mar 2026
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
كشفت تقارير أمنية عن استغلال نشط لثغرة حرجة تحمل المعرف CVE-2025-32975 في أنظمة Quest KACE SMA، والتي تتيح للمهاجمين تجاوز المصادقة والسيطرة على الحسابات الإدارية دو
@NullvyNews
23 Mar 2026
39 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
HACKERS EXPLORAM CVE-2025-32975 (CVSS 10.0) PARA SEQUESTRAR SISTEMAS QUEST KACE SMA SEM PATCH https://t.co/jTNEav5EEL #SamirNews #hackers #exploram #cve202532975 #(cvss #10.0) #para #sequestrar #sistemas #quest #kace #sma #sem #patch
@CanalFs0ciety
23 Mar 2026
21 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/EcOWtwfWrV #CyberSecurity
@EpicPlain
23 Mar 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alertes ! Exploitation active de CVE-2025-32975 sur les KACE SMA non patchés. Arctic Wolf signale des activités malveillantes. Soyez vigilants ! #Cybersecurity #Vulnerability #InfoSec https://t.co/Sjydb7cSP5 https://t.co/Sjydb7cSP5
@cyberwatcher_
23 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Hackers Exploit #CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched #Quest KACE SMA #Systems https://t.co/hxsZRAAAGF
@ScyScan
23 Mar 2026
51 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
iT4iNT SERVER Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/4f5xbprHCH VDS VPS Cloud #CyberSecurity #CVE2025 #Hacking #DataBreach #Vulnerability
@it4int
23 Mar 2026
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched https://t.co/9BN3T9lOqA https://t.co/vYxRwEmZro
@devsecopscv
23 Mar 2026
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/8oWTFy4oJy
@DeepBlueInfoSec
23 Mar 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers are exploiting CVE-2025-32975 (CVSS 10.0) to bypass authentication and take control of unpatched Quest KACE SMA systems. Activity includes credential theft, account creation, and RDP access. #QuestKACE #AuthenticationBypass #USA https://t.co/wIAj701AIA
@TweetThreatNews
23 Mar 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/kmNdrBVb8Q
@Dinosn
23 Mar 2026
1573 Impressions
1 Retweet
7 Likes
2 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/qb7I76arwJ
@SecurityAid
23 Mar 2026
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/9xgEKtInM7 https://t.co/hVRcsrZcWX
@talentxfactor
23 Mar 2026
40 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
📝 𝐍𝐞𝐰 𝐨𝐧 𝐭𝐡𝐞 𝐛𝐥𝐨𝐠: Unpatched Quest KACE SMA devices are under active attack leveraging CVE-2025-32975. Learn how real-time threat intelligence helps detect and mitigate these attacks. Read it here → https://t.co/EkT7K7802p Join the conve
@PurpleOps_io
23 Mar 2026
27 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/r8nDLKBPwh
@pigram86
23 Mar 2026
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[TheHackersNews] Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems. Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according... https://t.co/Cn5qNquH4G
@shah_sheikh
23 Mar 2026
26 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/5mY6pn88ca
@molari999
23 Mar 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/FIG3gmjgSg
@TheCyberSecHub
23 Mar 2026
640 Impressions
3 Retweets
5 Likes
0 Bookmarks
1 Reply
0 Quotes
The Hacker News - Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/PG7R4XOaOG
@buzz_sec
23 Mar 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/YYWazO5Lfn https://t.co/8O6JufhiHV
@RigneySec
23 Mar 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems: Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The… https://t.co/rzajs9Ymgm h
@shah_sheikh
23 Mar 2026
27 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Los piratas informáticos explotan el CVE-2025-32975 (CVSS 10.0) para secuestrar sistemas Quest KACE SMA sin parches... Según Arctic Wolf, se sospecha que los actores de amenazas están explotando una falla de seguridad de máxima gravedad que afecta al dispositivo de
@CiberPlanetaOrg
23 Mar 2026
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 يُرجّح أن المهاجمين يستغلّون الثغرة الأمنية CVE-2025-32975 (CVSS 10.0) لقرصنة أجهزة Quest KACE SMA غير المُحدَّثة والتي تتصل بالإنترنت، وفق وكالة أريكت وولف. رصدت الشرك
@Cybercachear
23 Mar 2026
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: Hackers exploit CVE-2025-32975 to hijack unpatched Quest KACE SMA systems #CyberSecurity #Hacking #InfoSec
@Archange_Shadow
23 Mar 2026
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/4sNIrCxjL1
@wvipersg
23 Mar 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Active Exploitation Alert: CVE-2025-32975 (CVSS 10.0 Auth Bypass) in Quest KACE SMA As a battle-tested defender who's seen too many management tools become the entry point, this one hits close to home. Arctic Wolf is now publicly confirming what we've been tracking: threat
@SierraSec_NG
23 Mar 2026
45 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes