Quest

Quest Software, known for backup, recovery, and identity management solutions, has a high-severity vulnerability (CVSS 8.8) that can be exploited remotely by authenticated users without user interaction to compromise confidentiality, integrity, and availability of affected systems. The vulnerability requires network access and valid login credentials but no additional complexity to execute. Security teams should prioritize patching once Quest releases fixes (deadline January 22, 2026) and monitor for exploitation attempts targeting Quest product environments, particularly those exposed to untrusted network access.