Quest

Quest Software, known for IT management and backup solutions, has a high-severity vulnerability (CVSS 8.8) that can be exploited remotely by an authenticated attacker without user interaction, potentially compromising confidentiality, integrity, and availability of affected systems. The vulnerability requires valid credentials but poses significant risk to organizations relying on Quest products for critical infrastructure management. Security teams should monitor for exploitation attempts against Quest deployments and prioritize patching once fixes become available after the January 22, 2026 vendor deadline.