CVE-2025-32976

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-32976
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains a logic flaw in its two-factor authentication implementation that allows authenticated users to bypass TOTP-based 2FA requirements. The vulnerability exists in the 2FA validation process and can be exploited to gain elevated access.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://seclists.org/fulldisclosure/2025/Jun/23
https://seralys.com/research/CVE-2025-32976.txt
https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978
Configurations

No configuration.

History

26 Jun 2025, 18:58

Type Values Removed Values Added
Summary
  • (es) Quest KACE Systems Management Appliance (SMA) 13.0.x (anterior a la versión 13.0.385), 13.1.x (anterior a la versión 13.1.81), 13.2.x (anterior a la versión 13.2.183), 14.0.x (anterior a la versión 14.0.341 [Parche 5]) y 14.1.x (anterior a la versión 14.1.101 [Parche 4]) contiene una falla lógica en su implementación de autenticación de dos factores que permite a los usuarios autenticados eludir los requisitos de autenticación de dos factores basada en TOTP. La vulnerabilidad existe en el proceso de validación de dos factores y puede explotarse para obtener acceso elevado.

24 Jun 2025, 16:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8
CWE CWE-288

24 Jun 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-24 15:15

Updated : 2025-06-26 18:58

NVD link : CVE-2025-32976

Mitre link : CVE-2025-32976

CVE.ORG link : CVE-2025-32976

JSON object : View

Products Affected

No product.

CWE
CWE-288

Authentication Bypass Using an Alternate Path or Channel