CISA has issued a warning about active exploitation of two vulnerabilities in N-ableβs N-central RMM platform, primarily affecting managed service providers and IT departments. Organizations are urged to update to version 2025.3.1 to mitigate risks, with some instances already exposed online. #Nable #CVE20255875 #CVE20255876
Keypoints
- CISA warns of active exploitation of two security flaws in N-ableβs N-central platform.
- The vulnerabilities allow command execution and input injection attacks with limited required permissions.
- N-able released a security patch in version 2025.3.1, urging users to upgrade promptly.
- Approximately 2,000 N-central instances are exposed online, mainly in the US, Australia, and Germany.
- Federal agencies must patch these vulnerabilities within one week under CISAβs directives.