PT-2025-28028 · Quest · Quest Kace System Management Appliance
Published
2025-07-04
·
Updated
2025-07-10
·
CVE-2025-26850
CVSS v3.1
9.3
Critical
| Vector | AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Quest KACE Systems Management Appliance (SMA) versions 14.0.0 through 14.0.96
Quest KACE Systems Management Appliance (SMA) versions 14.1.0 through 14.1.18
Description:
The issue potentially allows privilege escalation on managed systems.
Recommendations:
For versions 14.0.0 through 14.0.96, update to version 14.0.97 or later.
For versions 14.1.0 through 14.1.18, update to version 14.1.19 or later.
Fix
LPE
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Quest Kace System Management Appliance