PatchSiren cyber security CVE debrief
CVE-2025-32975 Quest CVE debrief
CVE-2025-32975 is an improper authentication vulnerability in Quest KACE Systems Management Appliance (SMA) that CISA added to the Known Exploited Vulnerabilities catalog on 2026-04-20. The KEV listing means defenders should treat it as an urgent remediation item, even though the supplied public corpus does not include affected versions, impact depth, or exploit mechanics. CISA’s guidance is to apply vendor mitigations, follow BOD 22-01 guidance for cloud services where applicable, or discontinue use of the product if mitigations are unavailable.
- Vendor: Quest
- Product: KACE Systems Management Appliance (SMA)
- CVSS: Unknown
- CISA KEV: Listed
- Original CVE published: 2026-04-20
- Original CVE updated: 2026-04-20
- Advisory published: 2026-04-20
- Advisory updated: 2026-04-20
Who should care
Organizations that operate Quest KACE Systems Management Appliance (SMA), especially IT operations, endpoint/device management teams, vulnerability management teams, and security teams responsible for internet-facing or business-critical management appliances.
Technical summary
The available source corpus identifies the flaw only as an improper authentication vulnerability in Quest KACE SMA. No CVSS score, affected-version range, or attack-path details are included in the supplied records. The most important technical fact available here is that CISA classifies CVE-2025-32975 as a known exploited vulnerability, which raises the priority above a routine patch advisory and makes timely mitigation essential.
Defensive priority
High priority. Because CISA added this CVE to KEV on 2026-04-20 and set a remediation due date of 2026-05-04, defenders should prioritize inventory, exposure review, and vendor-directed mitigation immediately.
Recommended defensive actions
- Review Quest’s official response for the KACE SMA vulnerabilities referenced by CISA (KB 4379499) and apply the vendor’s recommended fix or mitigation as soon as possible.
- Identify all Quest KACE SMA instances in your environment, including any externally reachable deployments, and confirm their current remediation status.
- If vendor mitigations are not available or cannot be applied safely, follow CISA guidance to discontinue use of the product.
- Validate that remediation completed before the CISA due date of 2026-05-04 and document exceptions for risk acceptance if any remain.
- Monitor administrative and authentication activity on affected appliances for signs of unusual access while remediation is underway.
Evidence notes
The supplied corpus provides only limited technical detail: the CVE title/description, CISA KEV metadata, and official record links. CISA’s KEV entry names the issue as an improper authentication vulnerability in Quest KACE SMA, marks it as known exploited, and sets dateAdded to 2026-04-20 with dueDate 2026-05-04. The KEV metadata also references Quest support KB 4379499 and NVD as source context, but the corpus here does not include the contents of those advisories or any exploit details.
Official resources
- CVE-2025-32975 CVE record (CVE.org)
- CVE-2025-32975 NVD detail (NVD)
- CISA Known Exploited Vulnerabilities catalog (CISA): Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Source item URL (cisa_kev)
Publicly recorded as CVE-2025-32975 and added by CISA to the KEV catalog on 2026-04-20, with remediation due by 2026-05-04.