Hackers Exploit Critical Quest KACE Flaw to Take Over Management Systems

Arctic Wolf warns of CVE-2025-32975 exploit in Quest KACE SMA, urging immediate patches to prevent unauthorized control.

By Content Team

Mar 21, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Arctic Wolf detected attackers exploiting CVE-2025-32975, a critical authentication bypass vulnerability in Quest KACE Systems Management Appliance (SMA). The flaw, patched in May 2025, lets hackers impersonate legitimate users and gain full administrative control of unpatched systems exposed to the internet.

The attacks began around March 2026, targeting organizations including those in education. Attackers used the vulnerability for initial access before achieving complete system takeover. KACE SMA is widely used for managing endpoints, software distribution, and patching across networks.

Arctic Wolf couldn't identify the attackers or their motives but suspects opportunistic targeting of internet-exposed appliances. Organizations must immediately patch outdated Quest KACE systems.

Source: SecurityWeek

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Oswego Man Pleads Guilty to Hacking Hundreds of Women's Snapchats for Nude Photos

Feb 6, 2026

Tennessee Man Pleads Guilty to Hacking Supreme Court Filing System 25 Times

Jan 18, 2026

Critical BeyondTrust Vulnerability Allows Hackers Complete System Access

Feb 8, 2026

CISA Flags Critical TrueConf Vulnerability Under Active Attack

Apr 6, 2026