
N-able N-Central vulnerabilities actively exploited (CISA)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added two security vulnerabilities affecting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, highlighting evidence of active exploitation. N-able N-central is a Remote Monitoring and Management (RMM) platform tailored for Managed Service Providers (MSPs), enabling efficient management and security of clients’ Windows, Apple, and Linux endpoints from a unified interface. The identified vulnerabilities include CVE-2025-8875, an insecure deserialization flaw that could lead to command execution, and CVE-2025-8876, a command injection vulnerability due to improper user input sanitisation. Both issues have been resolved in N-central versions 2025.3.1 and 2024.6 HF2, released on August 13, 2025. N-able has urged customers to enable multi-factor authentication (MFA), especially for admin accounts, as these vulnerabilities require authentication to exploit.

In light of the active exploitation of these vulnerabilities, Federal Civilian Executive Branch (FCEB) agencies are advised to implement the necessary fixes by August 20, 2025, to safeguard their networks. This announcement follows CISA’s recent inclusion of two-year-old security flaws affecting Microsoft Internet Explorer and Office in the KEV catalog. The vulnerabilities, CVE-2013-3893 and CVE-2007-0671, both carry a CVSS score of 8.8 and allow for remote code execution. FCEB agencies have until September 9, 2025, to update to the latest versions or discontinue use if the products have reached end-of-life (EoL) status, as is the case with Internet Explorer. 
