CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 4, 2026

CVE-2025-32975

Info

EPSS 0.2%CISA KEV

Quest/KACE Systems Management Appliance (SMA)

Description

Referenced in article: Critical Quest KACE Vulnerability Potentially Exploited in Attacks

EPSS — Exploit Probability

0.2%

Higher than 37.7% of all CVEs

Required Action

https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32975

CVE-2025-32975

Description

EPSS — Exploit Probability

Required Action

Related Articles (2)

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Risk Assessment

Details

Timeline

Affected Product

External Links