Summary
Arctic Wolf reports attacks exploiting a critical authentication bypass (CVE-2025-32975) in Quest KACE SMA to gain administrative control and move laterally into domain controllers and backup systems.
Take Action:
If you are using Quest KACE SMA, this is urgent. Make sure your Quest KACE SMA is off the public internet and behind a VPN immediately. Check your logs for new unknown admin accounts, as these are signs that attackers have already taken over your management system. Then patch ASAP.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)