A critical security vulnerability in Quest KACE Systems Management Appliance (SMA) is being actively exploited by cybercriminals, posing a severe threat to organisations using unpatched systems. The vulnerability, designated as CVE-2025-32975, has been assigned the maximum severity score of 10.0 on the CVSS scale, indicating an extremely dangerous security flaw that requires immediate attention from IT security teams worldwide.
The KACE SMA platform is widely used by enterprises for systems management, asset tracking, and software deployment across their IT infrastructure. This makes it a particularly attractive target for threat actors seeking to gain unauthorised access to corporate networks. When successfully exploited, this vulnerability allows attackers to completely hijack affected systems, potentially giving them full control over the appliance and access to sensitive organisational data.
Security researchers have confirmed that threat actors are already scanning for and targeting vulnerable KACE SMA installations in the wild. The exploitation attempts demonstrate that attackers are moving quickly to capitalise on this critical flaw before organisations can implement necessary patches. The severity of this vulnerability underscores the importance of maintaining up-to-date security patches and following vendor security advisories promptly.
Organisations running Quest KACE SMA systems are strongly advised to apply security updates immediately and review their systems for any signs of compromise. IT administrators should prioritise patching these appliances and consider implementing additional network segmentation and monitoring to detect potential exploitation attempts. The incident serves as a stark reminder of the critical importance of proactive vulnerability management and the need for organisations to maintain robust security postures in an increasingly hostile cyber threat landscape.
Fuente Original: https://thehackernews.com/2026/03/hackers-exploit-cve-2025-32975-cvss-100.html
Artículo generado mediante LaRebelionBOT
No hay comentarios:
Publicar un comentario