CVE-2025-32976 – Quest KACE SMA 2FA Bypass

June 24, 2025

CVE-2025-32976 – Quest KACE SMA 2FA Bypass

Full Disclosure
mailing list archives
From: Seralys Research Team via Fulldisclosure
Date: Mon, 23 Jun 2025 22:44:34 +0000
Seralys Security Advisory | https://www.sera …

Published Date:
Jun 24, 2025 (3 hours, 40 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleCVE-2025-32977 – Quest KACE Unauthenticated Backup Upload

Next Article CVE-2025-32975 – Quest KACE SMA Authentication Bypass

Highlights

CVE-2025-6534 – Xxyopen Novel-Plus File Handler Remote Resource Identification Vulnerability

June 23, 2025

CVE ID : CVE-2025-6534

Published : June 24, 2025, 1:15 a.m. | 46 minutes ago

Description : A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java of the component File Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.2 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

Best early Prime Day Nintendo Switch deals: My 17 favorite sales live now

How I use VirtualBox to run any OS on my Mac – including Linux

Apple will give you a free pair of AirPods when you buy a MacBook or iPad for school – here’s who’s eligible

How Apple’s biggest potential acquisition ever could perplex AI rivals like Google

Music Streaming Platform using PHP and MySQL

Music Streaming Platform using PHP and MySQL

Solutions That Benefit Everyone – Why Inclusive Design Matters for All

Reducing Barriers Across Industries Through Inclusive Design

Windows 11 Installation Assistant Download: 2025 Guide

Windows 11 Installation Assistant Download: 2025 Guide

Didn’t Receive Gears of War: Reloaded Code? Explainer

Fix Vibrant Visuals Greyed Out in Minecraft Bedrock

CVE-2025-32976 – Quest KACE SMA 2FA Bypass

CVE-2025-32976 – Quest KACE SMA 2FA Bypass

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

CVE-2025-32975 – Quest KACE SMA Authentication Bypass

CVE-2024-47056 – Mautic Sensitive Information Disclosure

Universally Instance-Optimal Mechanisms for Private Statistical Estimation

CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

Firefox 138 Released With Fix for Multiple High-Severity Vulnerabilities

CVE-2025-6534 – Xxyopen Novel-Plus File Handler Remote Resource Identification Vulnerability

CVE-2025-4815 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Hollow Knight: Silksong fever grows again as we approach Summer Game Fest — will it finally get a release date?

CVE-2025-49584 – XWiki Information Disclosure Vulnerability

CVE-2025-32976 – Quest KACE SMA 2FA Bypass

CVE-2025-32976 – Quest KACE SMA 2FA Bypass

Related Posts