Vulnerability intelligence

CVE-2025-32975

Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

Quest KACE Systems Management Appliance (SMA)

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.

CVSS Score

Critical

EPSS — Exploit Probability

39%

Riskier than 97% of all CVEs

Exploitation

Confirmed in the wild

Used in ransomware campaigns

Remediation

Patch available

Federal deadline 2026-05-04

CISA required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-05-04.

NVD entry Vendor patch PoC / advisory CISA KEV

6 articles across 5 outlets · first covered Apr 21, 2026 · latest May 13, 2026

Associated threat actors

DEV-0950

Coverage timeline

Quest KACE Flaw CVE-2025-32975 Leaks Data of 60+ Organisations
securityaffairs.com · May 13, 2026
CISA Adds Cisco SD WAN, Zimbra XSS Flaws to KEV Catalog
www.securityweek.com · Apr 21, 2026
CISA adds weaponised PaperCut, TeamCity flaws to KEV catalog
securityaffairs.com · Apr 21, 2026
CISA adds eight KEV flaws, Cisco SDWAN bugs actively exploited
thehackernews.com · Apr 21, 2026
Quest KACE SMA flaw lets attackers bypass authentication
www.cisa.gov · Apr 21, 2026
CISA warns KACE SMA bug lets attackers bypass authentication
cisa.gov · Apr 21, 2026