Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Threat actors are actively exploiting a maximum-severity security flaw in Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf research. The vulnerability, tracked as CVE-2025-32975 with a CVSS score of 10.0, allows attackers to completely bypass authentication and impersonate legitimate users without valid credentials. Active Exploitation in the Wild Arctic Wolf observed malicious activity…
