Critical N-able N-Central Vulnerabilities Added to CISA’s Exploited Flaws Catalog: Urgent Patch Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical N-able N-Central vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Learn about the risks, affected systems, and the urgent patch required to mitigate these flaws.
TL;DR
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities in N-able N-Central, a widely used Remote Monitoring and Management (RMM) platform, to its Known Exploited Vulnerabilities (KEV) catalog. These flaws, CVE-2025-8875 (Insecure Deserialization) and CVE-2025-8876 (Command Injection), pose significant risks to organizations using the platform. Federal agencies and private organizations are urged to patch their systems immediately to prevent exploitation.
CISA Adds N-able N-Central Vulnerabilities to Known Exploited Flaws Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken action by adding two critical vulnerabilities in N-able N-Central to its Known Exploited Vulnerabilities (KEV) catalog. This catalog highlights vulnerabilities that are actively exploited by threat actors, posing significant risks to organizations worldwide.
Vulnerabilities Identified
The two vulnerabilities added to the catalog are:
- CVE-2025-8875: Insecure Deserialization Vulnerability
  - This flaw allows attackers to execute arbitrary code by exploiting insecure deserialization processes in N-able N-Central.
- CVE-2025-8876: Command Injection Vulnerability
  - Attackers can inject malicious commands into the system, potentially gaining control over affected devices.
Both vulnerabilities require authentication to exploit, but unpatched systems remain at high risk of compromise.
About N-able N-Central
N-able N-Central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs). It enables centralized management and security for Windows, Apple, and Linux endpoints, making it a critical tool for IT infrastructure management.
Urgent Patch Released
N-able has addressed these vulnerabilities in the General Availability (GA) release of N-Central 2025.3.1. According to the official advisory:
“This release includes a critical security fix for CVE-2025-8875 and CVE-2025-8876. These vulnerabilities require authentication to exploit. However, there is a potential risk to the security of your N-central environment if unpatched. You must upgrade your on-premises N-central to 2025.3.1.”
Organizations using N-able N-Central are strongly advised to apply the patch immediately to mitigate potential risks.
CISA’s Directive for Federal Agencies
Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are required to address these vulnerabilities by August 20, 2025, to protect their networks from attacks exploiting these flaws.
CISA also recommends that private organizations review the KEV catalog and take necessary actions to secure their infrastructure.
Broader Context: Recent Additions to CISA’s KEV Catalog
This announcement follows CISA’s recent addition of vulnerabilities in Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR to the KEV catalog. These actions highlight the growing importance of proactive vulnerability management in today’s threat landscape.
Why This Matters
- Critical Infrastructure at Risk: N-able N-Central is widely used by MSPs to manage IT environments, making it a high-value target for cybercriminals.
- Active Exploitation: Vulnerabilities in the KEV catalog are known to be exploited in the wild, increasing the urgency for patching.
- Regulatory Compliance: Federal agencies must comply with CISA directives, while private organizations should prioritize patching to avoid breaches.
Conclusion
The addition of N-able N-Central vulnerabilities to CISA’s KEV catalog underscores the critical need for timely patching and proactive cybersecurity measures. Organizations using N-Central must upgrade to version 2025.3.1 immediately to protect their systems from exploitation. Staying ahead of threats requires continuous monitoring, patch management, and adherence to best practices in cybersecurity.
For further updates, follow CISA’s KEV catalog and N-able’s official advisories.