CVE-2025-32977 – Quest KACE Systems Management Appliance File Upload Vulnerability

June 24, 2025

CVE ID : CVE-2025-32977

Published : June 24, 2025, 3:15 p.m. | 3 hours, 38 minutes ago

Description : Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to upload backup files to the system. While signature validation is implemented, weaknesses in the validation process can be exploited to upload malicious backup content that could compromise system integrity.

Severity: 9.6 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32978 – Quest KACE Systems Management Appliance License Replacement Vulnerability

Next Article CVE-2025-32975 – Quest KACE Systems Management Appliance Authentication Bypass Vulnerability

Highlights

CVE-2025-26332 – Dell XtremIO X2 TechAdvisor Insertion of Sensitive Information into Log File

July 30, 2025

CVE ID : CVE-2025-26332

Published : July 30, 2025, 6:15 p.m. | 5 hours, 29 minutes ago

Description : TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-32977 – Quest KACE Systems Management Appliance File Upload Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

Classify call center conversations with Amazon Bedrock batch inference

Physical UI, Escaping UX Traps

CVE-2025-5249 – PHPGurukul News Portal Project SQL Injection Vulnerability

After 25 Years, Linux Format Magazine is No More

CVE-2025-26332 – Dell XtremIO X2 TechAdvisor Insertion of Sensitive Information into Log File

Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT

CVE-2025-43237 – Apple macOS Sequoia Write Access Vulnerability

Last Week in AI #311 – Claude 4 System Card, more Veo 3, Flux Kontext

CVE-2025-32977 – Quest KACE Systems Management Appliance File Upload Vulnerability

Related Posts