How to fix CVE-2025-32975?

Within 24 hours: Inventory all Quest KACE SMA instances and their versions; isolate affected systems from production networks if possible; enable enhanced logging on authentication and administrative functions. Within 7 days: Implement network segmentation to restrict KACE SMA access to authorized personnel only; disable SSO authentication temporarily if operationally feasible and use local authentication instead; deploy WAF rules to monitor for exploitation attempts. Within 30 days: Contact Quest for available patches or workarounds; plan upgrade timeline to patched versions (13.0.385+, 13.1.81+, 13.2.183+, 14.0.341+, or 14.1.101+); conduct forensic audit of administrative access logs for suspicious activity.

CVE-2025-32975

EUVD-2025-19028 CRITICAL

2025-06-24 [email protected]

Authentication Bypass

10.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Re-analysis Queued

Apr 20, 2026 - 20:22 vuln.today

cvss_changed

Added to CISA KEV

Apr 20, 2026 - 19:31 CISA

EUVD ID Assigned

Mar 15, 2026 - 22:36 euvd

EUVD-2025-19028

Analysis Generated

Mar 15, 2026 - 22:36 vuln.today

PoC Detected

Nov 03, 2025 - 20:18 vuln.today

Public exploit code

CVE Published

Jun 24, 2025 - 15:15 nvd

CRITICAL 10.0

DescriptionNVD

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.

AnalysisAI

A authentication bypass vulnerability (CVSS 10.0) that allows attackers. Risk factors: public PoC available.

Technical ContextAI

CWE-287 (Improper Authentication). CVSS 10.0 indicates critical severity with likely remote exploitation vector.

RemediationAI

Monitor vendor channels for patch availability. Restrict network access to affected components and enable MFA as interim mitigation.

CVE-2025-32975 vulnerability details – vuln.today

Back

CVE-2025-32975

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code