CVE-2025-32977
Status: Awaiting Analysis (Queue)
BaseFortify

Publication date: 2025-06-24

Last updated on: 2025-11-03

Assigner: MITRE

Description
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to upload backup files to the system. While signature validation is implemented, weaknesses in the validation process can be exploited to upload malicious backup content that could compromise system integrity.
Meta Information
Published: 2025-06-24
Last Modified: 2025-11-03
Generated: 2026-05-07
AI Q&A: 2025-06-24
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products
Currently, no data is known.
CWE
CWE-347: The product does not verify, or incorrectly verifies, the cryptographic signature for data.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-32977 is a critical vulnerability in Quest KACE Systems Management Appliance (SMA) that allows unauthenticated users to upload backup files to the system. Although the system implements signature validation to verify backup files, weaknesses in this cryptographic signature verification process (CWE-347) can be exploited by attackers to upload malicious backup content. This malicious content can compromise the system's integrity by injecting harmful data. [1, 2]


How can this vulnerability impact me?

This vulnerability can severely impact you by allowing attackers without authentication to upload malicious backup files to your Quest KACE SMA system. Exploiting the flawed signature validation, attackers can compromise system integrity, potentially leading to unauthorized control, data corruption, or disruption of system operations. Given its critical severity and high CVSS score of 9.6, the risk includes complete system compromise. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves identifying if your Quest KACE Systems Management Appliance (SMA) is running an affected version prior to the patched releases (13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 Patch 5, and 14.1.x before 14.1.101 Patch 4). You can check the appliance version via its management interface or command line. Since the vulnerability allows unauthenticated backup uploads due to weak signature validation, monitoring for unexpected backup upload activity or unauthorized file uploads could indicate exploitation attempts. Specific commands are not provided in the resources, but administrators should verify the version and review logs for unusual backup upload requests. [1, 2]
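The answer above describes the version check in prose only. The following is an added example, written for this page and not taken from BaseFortify, Quest or NVD; it encodes the five fixed builds quoted in the advisory text and classifies a version string as affected, fixed, or outside any branch the advisory mentions. It assumes the appliance reports its version as `major.minor.build`, the notation the advisory itself uses; the "(Patch 5)" and "(Patch 4)" labels are treated as descriptive text and ignored, since the build numbers 14.0.341 and 14.1.101 are what the advisory identifies as fixed.

```python
"""Classify a Quest KACE SMA version against the CVE-2025-32977 affected ranges.

Added example; not code from BaseFortify, Quest or NVD. The fixed builds
below are the ones quoted in the advisory text on this page.
"""
from typing import Dict, Tuple

Version = Tuple[int, int, int]

# Branch (major, minor) -> first fixed build in that branch, per the advisory.
# Every build in the same branch below the fixed build is affected.
FIXED_BUILDS: Dict[Tuple[int, int], Version] = {
    (13, 0): (13, 0, 385),
    (13, 1): (13, 1, 81),
    (13, 2): (13, 2, 183),
    (14, 0): (14, 0, 341),  # advisory calls this "Patch 5"
    (14, 1): (14, 1, 101),  # advisory calls this "Patch 4"
}


def parse_version(text: str) -> Version:
    """Parse 'major.minor.build'; trailing text such as '(Patch 5)' is ignored.

    Assumption: the appliance reports a three-part dotted version, as the
    advisory's own notation suggests. Anything else raises ValueError rather
    than being silently classified.
    """
    core = text.strip().split()[0] if text.strip() else ""
    parts = core.split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def assess(text: str) -> str:
    """Return 'affected', 'fixed' or 'unknown-branch' for a version string.

    'unknown-branch' is returned for branches the advisory does not list
    (for example 12.x or 14.2); the page says nothing about them, so the
    check does not guess.
    """
    version = parse_version(text)
    fixed = FIXED_BUILDS.get((version[0], version[1]))
    if fixed is None:
        return "unknown-branch"
    return "affected" if version < fixed else "fixed"


if __name__ == "__main__":
    # Constructed sample inputs, one per outcome.
    for sample in ("13.0.384", "14.0.341 (Patch 5)", "12.1.50"):
        print(f"{sample:22} -> {assess(sample)}")
```

Run it against the version shown in the appliance's management interface; anything reported as `affected` should be scheduled for the corresponding patched build listed in the mitigation answer, and `unknown-branch` means the advisory text gives no verdict for that branch and the vendor's own release notes should be consulted.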


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to update the Quest KACE Systems Management Appliance (SMA) to one of the patched versions: 13.0.385, 13.1.81, 13.2.183, 14.0.341 (Patch 5), or 14.1.101 (Patch 4). Applying these patches addresses the improper cryptographic signature verification vulnerability. Additionally, administrators should monitor for unauthorized backup uploads and restrict network access to the appliance where possible until the patch is applied. [1, 2]

