Quest

Quest Software, known for IT management and security solutions, has a critical remote vulnerability (ZDI-CAN-28202) with a CVSS score of 8.8 that requires no authentication or user interaction complexity, allowing attackers to remotely achieve high impact across confidentiality, integrity, and availability. The vulnerability only requires user interaction and network access, making it easily exploitable for widespread compromise. Security teams should monitor for patches before the January 31, 2026 deadline and immediately prioritize patching Quest products once updates are available, as this vulnerability presents significant risk to enterprise environments.