Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

June 25, 2025

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Quest Software has released urgent security hotfixes addressing four newly discovered vulnerabilities in its KACE Systems Management Appliance (SMA) product line, one of which has been rated with the …

Published Date:
Jun 26, 2025 (2 hours, 57 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleCISA Warns of Critical Flaws in ControlID iDSecure Vehicle Control Software

Next Article FOSS Weekly #25.26: Torvalds-Gates Showdown, Hyprland Premium, Fedora’s 32-bit Debacle, Xfce Themes and More Linux Stuff

Highlights

CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

May 20, 2025

CVE ID : CVE-2025-4997

Published : May 20, 2025, 8:15 p.m. | 22 minutes ago

Description : A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-43576 – Adobe Acrobat Reader Use After Free Vulnerability

CVE-2025-32705 – Microsoft Office Outlook Out-of-bounds Read Remote Code Execution Vulnerability

CVE-2025-49385 – Trend Micro Security Local Privilege Escalation Vulnerability

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas

Burn rate to the moon — OpenAI bets big on AI chips and cloud muscle

How to Deploy a Next.js API to Production using Sevalla

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Related Posts