The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure their clients’ Windows, Apple, and Linux endpoints from a single, unified platform.
The vulnerabilities in question are listed below –
- CVE-2025-8875 (CVSS score: N/A) – An insecure deserialization vulnerability that could lead to command execution
- CVE-2025-8876 (CVSS score: N/A) – A command injection vulnerability via improper sanitization of user input
Both shortcomings have been addressed in N-central versions 2025.3.1 and 2024.6 HF2 released on August 13, 2025. N-able is also urging customers to make sure that multi-factor authentication (MFA) is enabled, particularly for admin accounts.
“These vulnerabilities require authentication to exploit,” N-able said in an alert. “However, there is a potential risk to the security of your N-central environment, if unpatched. You must upgrade your on-premises N-central to 2025.3.1.”
It’s currently not known how the vulnerabilities are being exploited in real-world attacks, in what context, and what is the scale of such efforts. The Hacker News has reached out to N-able for comment, and we will update the story if we hear back.
In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are recommended to apply the necessary fixes by August 20, 2025, to secure their networks.
The development comes a day after CISA placed two-year-old security flaws affecting Microsoft Internet Explorer and Office in the KEV catalog –
- CVE-2013-3893 (CVSS score: 8.8) – A memory corruption vulnerability in Microsoft Internet Explorer that allows for remote code execution
- CVE-2007-0671 (CVSS score: 8.8) – A remote code execution vulnerability in Microsoft Office Excel that can be exploited when a specially crafted Excel file is opened to achieve remote code execution
FCEB agencies have time till September 9, 2025, to update to the latest versions, or discontinue their use if the product has reached end-of-life (EoL) status, as is the case with Internet Explorer.
