Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities.

More than 870 internet-exposed N-able N-central instances are running versions affected by two exploited vulnerabilities, data from The Shadowserver Foundation shows.

The security defects, tracked as CVE-2025-8875 and CVE-2025-8876, are described as an insecure deserialization issue and a command injection bug, respectively.

The flaws were disclosed on August 13, when N-able announced that patches for them were included in version 2025.3 of its remote monitoring and management (RMM) product.

On the same day, the US cybersecurity agency CISA added both vulnerabilities to its KEV catalog, urging federal agencies to patch them by August 20.

N-able did not share technical details on the bugs, but confirmed to SecurityWeek that the issues had been exploited against a limited number of customers to elevate privileges and abuse vulnerable self-hosted N-central instances.

“We have not seen ...