Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Quest Global

Quest Global Vendor Cyber Rating & Cyber Score

questglobal.com

We are Quest Global. We’re in the business of engineering, but what we’re really building is a brighter future. It’s not just what we do, but why we do it that makes us different. We believe engineering has the unique opportunity to solve the problems of today that stand in the way of tomorrow. For more than 25 years, we have strived to be the most trusted partner for the world’s hardest engineering problems. As a global organization headquartered in Singapore, we live and work in 18 countries, with 93 global delivery centers and offices, driven by 21,000+ extraordinary employees who make the impossible possible every day. Quest Global delivers world-class end-to-end engineering solutions by leveraging our deep industry knowledge and


Quest Global A.I CyberSecurity Scoring

Quest Global
Company Information
Website:https://www.questglobal.com/
Employees number:20,185
Number of followers:683,444
NAICS:54139
Industry Type:Engineering Services
Homepage:questglobal.com
Quest Global Risk Score (AI oriented)
Between 750 and 799
logo
Quest GlobalEngineering Services
Updated:
01/04/2026
791/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Quest Global Global Score (TPRM)
xxxx
logo
Quest GlobalEngineering Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Quest Global
Quest GlobalFair
Current Score
791Baa (FAIR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
792Before Incident
JUNE 2026
792Before Incident
MAY 2026
791Before Incident
APRIL 2026
791Before Incident
MARCH 2026
791Before Incident
Vulnerability
09 Mar 2026Quest Global
Quest: Hackers Exploit Quest KACE SMA Flaw to Steal Credentials

Critical Quest KACE SMA Vulnerability Exploited in Active Attacks

791After Incident
CRITICAL0
QUE1774275950
Critical Quest KACE SMA Vulnerability Exploited in Active Attacks Security researchers have uncovered active exploitation of a severe authentication bypass flaw in Quest KACE Systems Management Appliance (SMA), tracked as CVE-2025-32975, allowing attackers to gain full administrative control over vulnerable systems. The vulnerability affects the appliance’s Single Sign-On (SSO) mechanism, enabling threat actors to impersonate legitimate users without credentials. Quest KACE SMA is widely deployed for endpoint management, including software deployment, patching, and device monitoring, making it a prime target due to its deep integration into enterprise networks. Despite a patch being released in May 2025, many organizations remain unprotected, with exploitation activity first observed the week of March 9, 2026. Attackers exploit the flaw to bypass authentication, then use the KPluginRunProcess feature to execute remote commands via Base64-encoded payloads. In documented cases, they leveraged curl commands to fetch additional malware from a command-and-control server (216.126.225.156). Persistence is established by abusing runkbot.exe to create rogue administrative accounts and deploying PowerShell scripts (e.g., Enable-UpdateServices.ps1, taskband.ps1) to modify registry settings and maintain access across reboots. Once inside, attackers harvest credentials using Mimikatz (disguised as asd.exe) and conduct lateral movement via RDP, targeting domain controllers and backup systems (including Veeam and Veritas). This escalation increases risks of data theft, ransomware, or full network compromise. Affected versions include 13.0, 13.1, and 13.2, with fixes available in 13.0.385, 13.1.81, and 13.2.183 or later. Newer deployments (14.0, 14.1) require Patch 5 (14.0.341) and Patch 4 (14.1.101), respectively. Researchers also recommend removing KACE SMA from public internet exposure and restricting access via VPNs or secure network boundaries to mitigate risks. The campaign underscores the dangers of unpatched systems and the rapid weaponization of known vulnerabilities.
INCIDENT DETAILS -
TYPE
Authentication Bypass
MOTIVATION
Data TheftRansomwareNetwork Compromise
IMPACT
Endpoint Management SystemsDomain ControllersBackup SystemsOperational Impact: Full administrative control over vulnerable systems
DATA BREACH
CredentialsAdministrative AccessSensitivity Of Data: High
FEBRUARY 2026
791Before Incident
JANUARY 2026
791Before Incident
DECEMBER 2025
791Before Incident
NOVEMBER 2025
791Before Incident
OCTOBER 2025
791Before Incident
SEPTEMBER 2025
791Before Incident
AUGUST 2025
791Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Quest Global ?
?
What was Quest Global's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Quest Global's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Quest Global's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Quest Global ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Quest Global's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?