CVE-2025-32975
Published Jun 24, 2025
Last updated 18 days ago
AI description
CVE-2025-32975 is an authentication bypass vulnerability found in the Quest KACE Systems Management Appliance (SMA). This flaw specifically resides within the Single Sign-On (SSO) authentication handling mechanism of the affected software. Exploitation of this vulnerability allows an attacker to impersonate legitimate users, including those with administrative privileges, without needing valid credentials. This can lead to unauthorized access and potential administrative control over the compromised KACE SMA system. The vulnerability is categorized under CWE-287, which refers to improper authentication.
- Description: Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.
- Source: cve@mitre.org
- NVD status: Analyzed
- Products: kace_systems_management_appliance
CVSS 3.1
- Type: Secondary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
- Exploit added on: Apr 20, 2026
- Exploit action due: May 4, 2026
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-287
- Hype score: Not currently trending
CVE-2025-32975 is a critical authentication bypass vulnerability on KACE - https://t.co/k0MYpoLHR0…
@hackingprincesa
27 Apr 2026
216 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA added CVE-2025-32975 to KEV: auth bypass in Quest KACE SMA. An attacker impersonates any user — admins included — with no password. KACE pushes patches to your fleet, so owning it owns every endpoint it manages. https://t.co/hUMQKCGiLD
@TechTranslators
25 Apr 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Legacy exposure keeps paying off for attackers. CISA KEV flags Quest KACE SMA auth bypass as a high-prior… CVE-2025-32975 puts Quest KACE SMA on the urgent patch list after CISA added the authentica… 🔗 Read → https://t.co/H8F1a8fuPR
@fynn_JourX
22 Apr 2026
115 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
For defenders, cisa kev flags quest kace sma auth bypass as a high-priority ri… should move fast. CVE-2025-32975 puts Quest KACE SMA on the urgent patch list after CISA added the authentica… 🔗 Details → https://t.co/sQmK6z2YuH
@SocXAInvaders
22 Apr 2026
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛑 CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk CVE-2025-32975 puts Quest KACE SMA on the urgent patch list after CISA added the authentica… 🔗 Details → https://t.co/lfSAN5lHNc
@lucasverdan
22 Apr 2026
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA added eight vulnerabilities to its Known Exploited Vulnerabilities catalog, including critical flaws in Cisco Catalyst SD-WAN Manager and PaperCut NG/MF. Notable vulnerabilities include CVE-2025-32975 (CVSS 10. https://t.co/bvKoGUT1mD
@securityRSS
21 Apr 2026
104 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: Authentication bypass vulnerability in #Quest KACE Systems Management Appliance. #CVE-2025-32975 CVSS: 10.0. This vulnerability was added to the #CISA #KEV catalogue. It is #actively exploited to achieve complete takeover. #RCE! https://t.co/isOpnOOwxE #Patch #Patch
@CCBalert
21 Apr 2026
193 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-32975 #Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability https://t.co/5MPFnD3bxO
@ScyScan
21 Apr 2026
138 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA just added 8 vulnerabilities to Known Exploited Catalog. Active exploitation confirmed. CVE-2025-48700 (Zimbra XSS), CVE-2025-32975 (Quest KACE), CVE-2024-27199 (JetBrains TeamCity). If you're running these, you're already compromised. #Cybersecurity #CISA
@battista212
20 Apr 2026
185 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ CVE-2025-32975: Critical Authentication Vulnerability in Quest KACE SMA Technical analysis of the CVE-2025-32975 vulnerability in Quest KACE Systems Management Appliance, with critical impact (CVSS 10.0) and recommendations to mitigate https://t.co/VuI1L5G0Xg #ciberp
@CiberPlanetaOrg
20 Apr 2026
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Security Alert: Improper Authentication Vulnerability in Quest KACE Systems Management Appliance (SMA) (CVE-2025-32975) Quest KACE SMA has an improper authentication vulnerability (CWE-287) that allows attackers to impersonate legitimate users without cred
@CiberPlanetaOrg
20 Apr 2026
117 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Quest KACE SMA vulnerability CVE-2025-32975 is being exploited! Risk of system takeover through an authentication bypass with a CVSS score of 10.0 https://t.co/rKvzk2F25W https://t.co/860Fl7OCtV
@gadgetota123
15 Apr 2026
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The critical vulnerability CVE-2025-32975 threatens Quest KACE SMA systems and gives attackers full control. Details.. https://t.co/VGwOvY8i7C #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/uSiWBWPoBu
@ccforrs
4 Apr 2026
187 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The critical vulnerability CVE-2025-32975 threatens Quest KACE SMA systems and gives attackers full control. Details.. https://t.co/pplfSwCNpM #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/eGckHv9dro
@ccforrs
3 Apr 2026
130 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Arctic Wolf has observed malicious activity in customer environments potentially linked to the exploitation of CVE-2025-32975 on unpatched Quest KACE Systems Management Appliance (SMA) instances that were publicly exposed to the internet: https://t.co/6s5lyALSzR
@AWNetworks
30 Mar 2026
751 Impressions
3 Retweets
8 Likes
1 Bookmark
0 Replies
0 Quotes
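Attack chain targeting Quest KACE SMA: exploiting the authentication bypass vulnerability CVE-2025-32975 https://t.co/FTYias7QLT The cause of this attack is the vulnerability CVE-2025-32975, which exists in the SSO authentication handling mechanism of Quest KACE SMA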
@iototsecnews
30 Mar 2026
179 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛑 CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild CVE-2025-32975 in Quest KACE SMA is under active exploitation, enabling admin takeover on u… 🔗 Details → https://t.co/j0macl55WK
@lucasverdan
27 Mar 2026
103 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠ Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/qbLBxPtJfC #CVE #ZeroDay #Vulnerability #PatchNow #CyberSecurity
@guliguli480644
26 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Legacy exposure keeps paying off for attackers. CVE-2025-32975: Quest KACE SMA auth bypass exploited in t… CVE-2025-32975 in Quest KACE SMA is under active exploitation, enabling admin takeover on u… 🔗 Read → https://t.co/M1MmHrctPY
@fynn_JourX
25 Mar 2026
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active exploitation of CVE-2025-32975 allows takeover of unpatched Quest KACE SMA https://t.co/BhF7wuEn4G #Internet #Noticia #Tecnología #ciberSeguridad via @unaaldia https://t.co/fbYAmrG2AE
@Securizame
25 Mar 2026
235 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/tqzW6K3yRS https://t.co/4J1o7gSUMy
@TonyBeeTweets
25 Mar 2026
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Hackers exploit the CVE-2025-32975 (CVSS 10.0) to hijack the unpatched Quest KACE SMA systems. #CyberSecurity #InfoSec https://t.co/MKefKv5aB2 https://t.co/7cJcyQfp6k
@twelvesec
25 Mar 2026
157 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32975 just hit Quest KACE SMA systems. CVSS: 10.0, perfect score. No credentials needed. Attackers walk straight into admin accounts. Patch dropped May 2025. Systems still getting hit weren't patched. Unpatched known vulns aren't bad luck. They're a choice.
@Amir_secures
24 Mar 2026
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/mrwRqUC42P Critical CVE-2025-32975 Vulnerability in Quest KACE SMA Being Actively Exploited
@pkhackers1337
24 Mar 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability CVE-2025-32975 exploited in unpatched Quest KACE SMA systems. Ensure your systems are updated to prevent unauthorized access. Link: https://t.co/lypTPvml0V #Security #Vulnerability #Hacking #Threat #Exploit #Update #Patch #Systems #Unauthorized #Access http
@dailytechonx
24 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The exploitation of CVE-2025-32975, with its perfect CVSS score of 10.0, marks a dangerous escalation in the targeting of enterprise asset management tools like Quest's KACE SMA. Zero-day vulnerabilities in patch management workflows are increasingly lucrative attack vectors, htt
@ZambeziSentinel
24 Mar 2026
165 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32975 (CVSS 10.0) actively exploited on unpatched Quest KACE SMA systems. Auth bypass → admin takeover → Mimikatz → encoded payloads via curl. Patch has been available since May 2025. If your KACE SMA is still unpatched, fix it now.
@theSEalpha
24 Mar 2026
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Researchers discovered hackers exploiting CVE-2025-32975, a CVSS 10.0 flaw in Quest KACE SMA. The authentication bypass allows total admin takeover. Arctic Wolf reports active attacks involving credential harvesting and lateral movement to backup infra #cybersecurity
@CyberTLDR
24 Mar 2026
4 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-32975 exploitation (ES) https://t.co/RdLQhNNX89
@0x6D6172636F
24 Mar 2026
252 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/HwAaTZCONp via @TheHackersNews
@DCICyberSecNews
24 Mar 2026
122 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Quest KACE SMA RCE (CVE-2025-32975) Under Attack - https://t.co/Pr0Mj66mm9
@Cyberwarzonecom
24 Mar 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-32975 is being exploited against unpatched Quest KACE SMA systems. Patch immediately and do not expose SMA instances to the internet. 🛡️ https://t.co/fpKbFn6n04 #CyberSecurity #QuestKACE #CVE202532975 #InfoSec #Vulert
@vulert_official
24 Mar 2026
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
For defenders, cve-2025-32975: quest kace sma auth bypass exploited in the wild should move fast. CVE-2025-32975 in Quest KACE SMA is under active exploitation, enabling admin takeover on u… 🔗 Details → https://t.co/p55yyv4QKU
@SocXAInvaders
24 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-21992 2 - CVE-2025-5777 3 - CVE-2026-3909 4 - CVE-2025-32975 5 - CVE-2008-0166 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
24 Mar 2026
179 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32975: Arctic Wolf Observes Exploitation of Quest KACE Systems Management Appliance https://t.co/huYu5lAPyJ #patchmanagement
@eyalestrin
24 Mar 2026
158 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
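[The absolute rule] Getting out is 100 times harder than getting in! The Quest KACE vulnerability CVE-2025-32975 is at the maximum severity of 10.0. Taking countermeasures before you get taken over is vital, and investing is the same! If you don't decide on an exit strategy of "sell at 〇 yen" before buying, you end up bag-holding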
@acoico_news
24 Mar 2026
117 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Quest KACE SMA CVE-2025-32975 (CVSS 10.0) enables unauthenticated SSO bypass leading to admin takeover. Active exploitation observed since March 9th targeting internet-exposed systems. Patch immediately and remove public exposure. #DFIR_Radar https://t.co/DeYuGJGcv7
@DFIR_Radar
24 Mar 2026
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Security Patches & Updates Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
@secguro
24 Mar 2026
197 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/2QkWixYuW2 via @TheHackersNews
@RoryCrave
24 Mar 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/MBASLG39qp via @TheHackersNews
@jackgoesvirtual
24 Mar 2026
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cybersecurity practitioners are facing a surge in targeted attacks against Quest KACE Systems Management Appliances. This episode of Prime Cyber Insights breaks down the technical specifics of CVE-2025-32975, a CVSS 10.0 vulnerability being used to hijack https://t.co/eqRN7A3F3w
@NeuralNewscast
24 Mar 2026
88 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers are exploiting the #vulnerabilidad CVE-2025-32975, rated #CVSS 10.0, to hijack unpatched #Quest #KACE SMA systems https://t.co/rRLrE57BKJ
@Masterhacks_net
23 Mar 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers exploited CVE-2025-32975 to bypass authentication on Quest KACE SMA systems, gaining administrative control and moving laterally to managed endpoints. This incident highlights how management infrastructure compromises can amplify blast radius across entire IT
@aviatrixtrc
23 Mar 2026
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
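A CVSS score 10 vulnerability in the endpoint management product Quest KACE Systems Management Appliance (SMA) is being exploited, Arctic Wolf reports. CVE-2025-32975 is an authentication bypass vulnerability that was fixed in May 2025. https://t.co/DXm7hkjBtS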
@__kokumoto
23 Mar 2026
770 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/nYyYFLgkxr
@StratoKey
23 Mar 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/ZktyqHY4h1 via @TheHackersNews
@ABabino
23 Mar 2026
94 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📌 Hackers exploit CVE-2025-32975 (CVSS 10.0) to take control of unpatched Quest KACE SMA systems 🛡️ Category: Vulnerability 📝 Summary: Arctic Wolf revealed suspected exploitation of a highly
@GMashari
23 Mar 2026
184 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
NEW THREAT INTEL: Quest KACE SMA SSO Auth Bypass (CVE-2025-32975, CVSS 10.0) -- Actively exploited for admin takeover and credential theft. 9 detections, 15 IOCs. https://t.co/eN8skv1fL5 #ThreatIntel #CyberSecurity #KACE #CVE https://t.co/QSOgAvGuEu
@threadlinqs
23 Mar 2026
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#hackers Exploit #CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://t.co/F549UNfYn9
@AdliceSoftware
23 Mar 2026
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active exploitation of CVE-2025-32975 allows takeover of unpatched Quest KACE SMA https://t.co/k7DgeRoNkX
@escudata
23 Mar 2026
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "89896426-35FC-4C39-9825-1B2F15062A02",
            "versionEndExcluding": "13.0.385",
            "versionStartIncluding": "13.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "6F19C73E-1C5F-4425-AE45-468B42CCB4B3",
            "versionEndExcluding": "13.1.81",
            "versionStartIncluding": "13.1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "F6B8BAB0-CC3B-4509-96E1-34382A156835",
            "versionEndExcluding": "13.2.183",
            "versionStartIncluding": "13.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "8EC79AEC-90FA-4416-8DB7-E468F30075A4",
            "versionEndExcluding": "14.0.341",
            "versionStartIncluding": "14.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "07B00B0E-5ADF-48BC-8191-E7CE8A947130",
            "versionEndExcluding": "14.1.101",
            "versionStartIncluding": "14.1",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]