CVE-2025-32978 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.…
High CVSS: 7.5

CVE-2025-32978

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to replace system licenses through a web interface intended for license renewal. Attackers can exploit this to replace valid licenses with expired or trial licenses, causing denial of service.
Vendor
-
Product
-
CWE
CWE-306
Yayın Tarihi
2025-06-24 15:15:24
Güncelleme
2025-11-03 20:18:29
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-306 HIGH 2025

Referanslar

https://seclists.org/fulldisclosure/2025/Jun/25 https://seralys.com/research/CVE-2025-32978.txt https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978 http://seclists.org/fulldisclosure/2025/Jun/25