Quest KACE SMA 13.0.x < 13.0.385 / 13.1.x < 13.1.81 / 13.2.x < 13.2.183 / 14.0.x < 14.0.341 / 14.1.x < 14.1.101 Multiple Vulnerabilities

critical Nessus Plugin ID 306731

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Quest KACE Systems Management Appliance (SMA) running on the remote host is 13.0.x prior to 13.0.385, 13.1.x prior to 13.1.81, 13.2.x prior to 13.2.183, 14.0.x prior to 14.0.341, or 14.1.x prior to 14.1.101. It is, therefore, affected by multiple vulnerabilities, including:

- An authentication bypass vulnerability in the SSO authentication handling mechanism that allows attackers to impersonate legitimate users without valid credentials, potentially leading to complete administrative takeover. (CVE-2025-32975)

- An unauthenticated backup file upload vulnerability: weaknesses in the signature validation applied to uploaded backups allow an attacker without credentials to supply malicious backup content that could compromise system integrity. (CVE-2025-32977)

- A logic flaw in the two-factor authentication implementation that allows authenticated users to bypass TOTP-based 2FA requirements and gain elevated access. (CVE-2025-32976)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Quest KACE SMA version 13.0.385, 13.1.81, 13.2.183, 14.0.341, 14.1.101, or later.
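Because the plugin decides purely from the self-reported version string, the check reduces to a branch-aware comparison against the five fixed builds above. The script below is an added example of that comparison, not Tenable's NASL code: the fixed versions are the ones listed in this advisory, while the function names and the sample inventory are constructed for illustration. It also shows the pitfall a naive string comparison would introduce (for example, "13.2.9" sorts after "13.2.183" as text but is below it as a version), and it reports versions on branches this plugin does not cover as unknown rather than as fixed.

```python
"""Branch-aware version check for the affected ranges on this page.

Added example, not Tenable's plugin code. Fixed versions come from the advisory
text; function names and sample versions are constructed for illustration.
"""
from typing import Dict, List, Optional, Tuple

# Fixed build per affected major.minor branch, as listed in the plugin description.
FIXED_VERSIONS: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (13, 0): (13, 0, 385),
    (13, 1): (13, 1, 81),
    (13, 2): (13, 2, 183),
    (14, 0): (14, 0, 341),
    (14, 1): (14, 1, 101),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse a dotted version such as '13.2.182' into a tuple of ints.

    Any non-numeric component is rejected, so a malformed self-reported
    version raises instead of being silently treated as safe.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def fixed_version_for(version: Tuple[int, ...]) -> Optional[Tuple[int, int, int]]:
    """Return the fixed build for this version's branch, or None if the branch
    is not one of the affected branches listed in the advisory."""
    if len(version) < 2:
        return None
    return FIXED_VERSIONS.get((version[0], version[1]))


def is_affected(text: str) -> Optional[bool]:
    """True if the version is below its branch's fix, False if at or past it,
    None if the branch is not covered by this advisory.

    Comparing integer tuples is lexicographic on numeric components, so
    (13, 2, 9) < (13, 2, 183) holds; comparing the raw strings would put
    '13.2.9' after '13.2.183' and misreport it as fixed.
    """
    version = parse_version(text)
    fixed = fixed_version_for(version)
    if fixed is None:
        return None
    # Pad to three components so a bare '13.2' compares as 13.2.0.
    head = version[:3]
    padded = head + (0,) * (3 - len(head))
    return padded < fixed


def triage(versions: List[str]) -> Dict[str, List[str]]:
    """Bucket a list of self-reported versions into affected/fixed/unknown."""
    result: Dict[str, List[str]] = {"affected": [], "fixed": [], "unknown": []}
    for v in versions:
        status = is_affected(v)
        if status is True:
            result["affected"].append(v)
        elif status is False:
            result["fixed"].append(v)
        else:
            result["unknown"].append(v)
    return result


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = ["13.0.384", "13.0.385", "13.2.9", "13.2.183",
              "14.1.100", "14.1.101", "12.1.169", "15.0.1"]
    for bucket, members in triage(sample).items():
        print(f"{bucket:9s}: {', '.join(members) or '-'}")
```

An "unknown" result only means the branch is outside the ranges this plugin flags; it is not evidence that the build is unaffected, and the plugin's own note about relying on the self-reported version applies equally here.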

See Also

http://www.nessus.org/u?bdee2d04

Plugin Details

Severity: Critical

ID: 306731

File Name: quest_kace_sma_CVE-2025-32975.nasl

Version: 1.1

Type: Remote

Family: CGI abuses

Published: 4/16/2026

Updated: 4/16/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-32975

CVSS v3

Risk Factor: Critical

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS v4

Risk Factor: Critical

Base Score: 10

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Vulnerability Information

CPE: cpe:/a:quest:kace_systems_management_appliance

Required KB Items: installed_sw/Quest KACE Systems Management Appliance

Patch Publication Date: 5/27/2025

Vulnerability Publication Date: 5/27/2025

Reference Information

CVE: CVE-2025-32975, CVE-2025-32976, CVE-2025-32977, CVE-2025-32978

IAVA: 2026-A-0277