The Quest team has been made aware regarding vulnerabilities involving the KACE System Management Appliance product below:
CVE-2022-35889 : Agent PS Script Vulnerability
Quest takes handling of vulnerabilities seriously, and we investigate and respond to all reported potential vulnerabilities. Our vulnerability reporting and response process can be found here.
CVE-2022-35889: A vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow local escalated privileges on a client.
The KACE SMA vulnerability reported under CVE-2022-35889 is resolved in the KACE SMA Agent versions 12.0.39 and 12.1.55, available for download at the support portal or for automatic update through the KACE SMA adminui Settings | Provisioning | Update Agents.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center