CVE-2025-32976
BaseFortify
Publication date: 2025-06-24
Last updated on: 2025-11-03
Assigner: MITRE
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-288 | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-32976 is a high-severity logic flaw in the two-factor authentication (2FA) implementation of Quest KACE Systems Management Appliance (SMA). It allows authenticated users to bypass the Time-based One-Time Password (TOTP) 2FA requirement by exploiting a flaw in the 2FA validation process. This means that even if 2FA is enabled, an attacker who already has some level of access can circumvent the additional authentication step to gain elevated privileges. [1, 2]
How can this vulnerability impact me?
This vulnerability can allow an attacker who has authenticated access to the Quest KACE SMA to bypass the TOTP-based 2FA protection and gain elevated administrative access. This elevated access can lead to unauthorized control over the appliance, potentially compromising confidentiality, integrity, and availability of the managed systems and data. [1, 2, 3]
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2025-32976 vulnerability, immediately update your Quest KACE Systems Management Appliance (SMA) to one of the patched versions: 13.0.385, 13.1.81, 13.2.183, 14.0.341 (Patch 5), or 14.1.101 (Patch 4). For 13.x versions, apply the security hotfix via the Admin console under Settings | Appliance Updates and reapply it after every full upgrade within the 13.x series. For versions 14.0 and later, apply the latest patches through the support portal or automatic updates via the Admin UI. Avoid unsupported upgrade paths such as from 14.0.341 directly to 14.1.95. If you experience login issues with the KACE Go app after patching, follow the guidance provided by Quest support. [1, 2, 3]