Security Advisory

CVE-2025-32977

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-24 00:00:00

Last updated 2025-11-03 19:53:53

Assigner mitre

State PUBLISHED

Description

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to upload backup files to the system. While signature validation is implemented, weaknesses in the validation process can be exploited to upload malicious backup content that could compromise system integrity.

← Browse all CVEs View on cve.org ↗