Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

Over 870 internet-facing N-able N-central instances are affected by two recently exploited vulnerabilities, CVE-2025-8875 and CVE-2025-8876. These flaws, linked to privilege escalation, have prompted urgent patching and ongoing investigations into potential zero-day exploits. #N-ableNcentral #CVE20258875 #CVE20258876 #Shadowserver

Keypoints

  • Over 870 N-able N-central instances are vulnerable to two critical exploits.
  • The vulnerabilities include an insecure deserialization and command injection bugs.
  • N-able released patches for the flaws in version 2025.3 of their RMM product.
  • Many affected instances are located in the US, Canada, the Netherlands, Australia, and the UK.
  • Most exploited instances are still unpatched, raising concerns of ongoing zero-day attacks.

Read More: https://www.securityweek.com/hundreds-of-n-able-n-central-instances-affected-by-exploited-vulnerabilities/