CVE-2025-26850

Summary

The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1.19 potentially allows privilege escalation on managed systems.

Affected Software

VendorProductVersion RangeStatus
QuestKACE Systems Management Appliance0 < 14.0.97affected
QuestKACE Systems Management Appliance14.1.0 < 14.1.19affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References