CISA Alerts on N-able N-Central Vulnerability: Deserialization and Injection Flaws Exploited in Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent warnings about two critical security vulnerabilities in N-able N-Central remote monitoring and management (RMM) software, identified as CVE-2025-8875 and CVE-2025-8876. These vulnerabilities are actively being exploited by threat actors, posing significant risks to organisations that utilise this widely-deployed IT management platform. The first vulnerability, CVE-2025-8875, is an insecure deserialization flaw that could allow arbitrary command execution on affected systems. This vulnerability arises from the improper handling of serialized objects, enabling remote attackers to gain unauthorised access and control over managed systems. The second vulnerability, CVE-2025-8876, involves command injection due to inadequate sanitisation of user input, allowing malicious actors to execute arbitrary system commands.

CISA has set a mandatory remediation deadline of August 20, 2025, for organisations to implement necessary fixes. This timeline reflects the urgency of addressing these vulnerabilities, which were added to the Known Exploited Vulnerabilities (KEV) catalog on August 13. Organisations are advised to immediately apply vendor-provided patches and follow the applicable Binding Operational Directive (BOD) 22-01 guidance for cloud security. Failure to address these vulnerabilities could result in severe consequences, including unauthorised access to sensitive data and potential system compromise. Security teams must prioritise these issues to safeguard their networks against sophisticated threat actors. 

Categories: Cybersecurity Vulnerabilities, Remote Code Execution, Mitigation Strategies 

Tags: CISA, N-able N-Central, Vulnerabilities, CVE-2025-8875, CVE-2025-8876, Remote Code Execution, Deserialization, Command Injection, Mitigations, Security Risks