Quest KACE Systems Management Appliance (ICSA-19-183-02)

The NCCIC has published an advisory on an improper input validation vulnerability in KACE Systems Management Appliance. All versions of 8.0.x, 8.1.x, and 9.0.x are affected. Successful exploitation of this vulnerability could allow an administrative user unintentional access to the underlying operating system of the device. Quest recommends affected users upgrade to Version 9.1 or newer. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.