SB20260424172 - Multiple vulnerabilities in KACE Systems Management Appliance (SMA)

Published: April 24, 2026

Security Bulletin ID: SB20260424172
Severity: High
Patch available: Yes
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High: 50%
Medium: 50%

Description

This security bulletin contains information about 4 security vulnerabilities.


1) Improper Authentication (CVE-ID: CVE-2025-32975)

The vulnerability allows a remote attacker to bypass authentication and impersonate legitimate users.

The vulnerability exists due to improper authentication in the SSO authentication handling mechanism when processing authentication requests. A remote attacker can present any valid username to bypass authentication and impersonate that user.

The issue can lead to complete administrative takeover of the appliance.


2) Authentication bypass using an alternate path or channel (CVE-ID: CVE-2025-32976)

The vulnerability allows a remote user to bypass TOTP-based two-factor authentication.

The vulnerability exists due to an authentication bypass via an alternate path in the 2FA validation process. A remote user can exploit a logic flaw in that process to bypass TOTP-based two-factor authentication.

The issue affects the two-factor authentication implementation.


3) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2025-32977)

The vulnerability allows a remote attacker to upload malicious backup content.

The vulnerability exists due to improper verification of the cryptographic signature in the backup upload functionality when processing uploaded backup files. A remote attacker can upload a specially crafted backup file and have its malicious content accepted by the appliance.

User interaction is required.
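The following is an added illustration of the weakness class behind item 3 (improper verification of a cryptographic signature on uploaded backups); it is not code from this bulletin or from the KACE SMA product, and the page gives no details of the appliance's actual backup format or signature scheme. The function names, the HMAC-SHA256 "tag || payload" layout, the demo key and the sample backups are all constructed assumptions for the example. It contrasts a loader that trusts a "signed" flag carried inside the untrusted content with a hardened loader that recomputes the tag over the exact bytes received, compares it in constant time, and rejects the file before any parsing happens.

```python
import hashlib
import hmac
import json
from typing import Optional

# Constructed demo key for this example only; a real appliance would load a
# vendor-controlled verification key rather than a constant in source.
DEMO_SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"
TAG_LEN = 32  # HMAC-SHA256 digest length


def sign_backup(payload: bytes, key: bytes = DEMO_SIGNING_KEY) -> bytes:
    """Produce a signed backup blob laid out as: 32-byte tag || payload (assumed format)."""
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return tag + payload


def weak_load_backup(blob: bytes) -> Optional[dict]:
    """Improper verification: the payload is parsed first and 'verified' only by
    trusting a flag inside the untrusted content itself. The tag is never
    recomputed, so any attacker-controlled payload that sets the flag is accepted."""
    payload = blob[TAG_LEN:]
    data = json.loads(payload)          # untrusted bytes parsed before any check
    if data.get("signed") is True:      # self-asserted, attacker-controlled
        return data
    return None


def load_backup(blob: bytes, key: bytes = DEMO_SIGNING_KEY) -> Optional[dict]:
    """Hardened form: recompute the tag over the received bytes, compare in
    constant time, and only then hand the payload to the parser."""
    if len(blob) < TAG_LEN:
        return None
    tag, payload = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                     # reject before parsing anything
    return json.loads(payload)


def build_demo_blobs() -> tuple:
    """Constructed inputs: a genuinely signed backup and a tampered copy that
    keeps the original tag but replaces the payload."""
    genuine_payload = json.dumps(
        {"signed": True, "version": 1, "settings": {"admin_user": "admin"}}
    ).encode()
    genuine = sign_backup(genuine_payload)
    tampered_payload = json.dumps(
        {"signed": True, "version": 1, "settings": {"admin_user": "attacker"}}
    ).encode()
    tampered = genuine[:TAG_LEN] + tampered_payload   # stale tag, new content
    return genuine, tampered


if __name__ == "__main__":
    genuine, tampered = build_demo_blobs()
    print("weak   genuine :", weak_load_backup(genuine) is not None)   # True
    print("weak   tampered:", weak_load_backup(tampered) is not None)  # True: accepted
    print("strict genuine :", load_backup(genuine) is not None)        # True
    print("strict tampered:", load_backup(tampered) is not None)       # False: rejected
```

The design point is ordering: integrity is established over the raw bytes before a parser, decompressor or restore routine ever sees them, and nothing inside the content is allowed to vouch for the content. The same structure applies whether the tag is an HMAC, as here, or a public-key signature such as Ed25519 (which would need a third-party library and is omitted to keep the example dependency-free).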


4) Missing Authentication for Critical Function (CVE-ID: CVE-2025-32978)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to missing authentication for a critical function in the license renewal web interface when handling license replacement requests. A remote attacker can submit a crafted license replacement request to cause a denial of service.

This can disrupt administrative functions by replacing a valid license with an expired or trial license.


Remediation

Install the update from the vendor's website.