Over 870 internet-facing N-able N-central instances are affected by two recently exploited vulnerabilities, CVE-2025-8875 and CVE-2025-8876. These flaws, linked to privilege escalation, have prompted urgent patching and ongoing investigations into potential zero-day exploits. #N-ableNcentral #CVE20258875 #CVE20258876 #Shadowserver
Keypoints
- Over 870 N-able N-central instances are vulnerable to two critical exploits.
- The vulnerabilities include an insecure deserialization and command injection bugs.
- N-able released patches for the flaws in version 2025.3 of their RMM product.
- Many affected instances are located in the US, Canada, the Netherlands, Australia, and the UK.
- Most exploited instances are still unpatched, raising concerns of ongoing zero-day attacks.