CISA: Attacks Exploit Two N-able N-central Flaws; Patches Available

by Justin Erickson

CISA says two vulnerabilities in N-able’s N-central RMM platform are under active exploitation and has added them to the Known Exploited Vulnerabilities (KEV) catalog. These CVEs – with a score of 9.4 – allow insecure deserialization leading to command execution and command injection via improper input sanitization, according to reports summarizing CISA’s alert. N-able released updates on August 13 that address these flaws: N-central 2025.3.1 and 2024.6 HF2, noting the bugs require authentication but still pose risk if unpatched. The company urges customers to update and ensure MFA—especially for admin accounts—is enabled. Agencies have a remediation due date of August 20, 2025. The flaws are listed as CVE-2025-8875 and CVE-2025-8876.