Ethical Hacking News
CISA has issued an urgent warning about two previously undisclosed vulnerabilities in the N-able N-central platform that are being actively exploited in zero-day attacks. The agency is urging organizations to prioritize securing their systems against this actively exploited security flaw as soon as possible, and has added these flaws to its Known Exploited Vulnerabilities Catalog.
N-able N-central remote monitoring and management (RMM) platform has been found to be vulnerable to two previously undisclosed security flaws. CISA has issued an urgent warning about these vulnerabilities, which allow threat actors to gain command execution via deserialization weakness and inject commands by exploiting user input vulnerability. N-able has patched the security bugs in N-central 2025.3.1 and urged admins to secure their systems before further information is released. CISA has added these flaws to its Known Exploited Vulnerabilities Catalog, mandating that Federal Civilian Executive Branch (FCEB) agencies patch their systems by August 20.
CISA has issued an urgent warning to organizations that utilize the N-able N-central remote monitoring and management (RMM) platform, citing two previously undisclosed vulnerabilities that have been actively exploited in zero-day attacks. According to the Cybersecurity and Infrastructure Security Agency (CISA), these security flaws allow threat actors to gain command execution via an insecure deserialization weakness (CVE-2025-8875) and inject commands by exploiting an improper sanitization of user input vulnerability (CVE-2025-8876).
The N-central platform, commonly used by managed services providers (MSPs) and IT departments to monitor, manage, and maintain client networks and devices from a centralized web-based console, has been found to be vulnerable to these two security flaws. Although N-able has not yet confirmed CISA's report that the security bugs are now being exploited in the wild, the company patched them in N-central 2025.3.1. It also urged admins to secure their systems before further information on the bugs is released.
"The release includes a critical security fix for CVE-2025-8875 and CVE-2025-8876," said an N-able advisory. "These vulnerabilities require authentication to exploit, but there is a potential risk to the security of your N-central environment if unpatched."
CISA has added these flaws to its Known Exploited Vulnerabilities Catalog, giving Federal Civilian Executive Branch (FCEB) agencies just one week to patch their systems by August 20, as mandated by the November 2021 Binding Operational Directive (BOD) 22-01. The agency encouraged all organizations, including those in the private sector, to prioritize securing their devices against this actively exploited security flaw as soon as possible.
"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA cautioned on Monday. "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."
It is worth noting that approximately 2,000 N-able N-central instances are exposed online (some of which are likely already patched), with the majority originating from the United States, Australia, and Germany. Shodan searches revealed this information.
While CISA has not yet shared details regarding the attacks exploiting these N-central security bugs, it stated that there's no evidence that they're being used in ransomware attacks.
The Picus Blue Report 2025 highlights that nearly half of environments had passwords cracked, a significant increase from last year. The report also found that 46% of environments suffered password-related breaches, with the vast majority caused by exploitation of weak or default passwords.
In addition to the N-able vulnerability, other recent security updates include:
* FortiSIEM experiencing an improper sanitization of user input vulnerability (CVE-2025-8891), which is being actively exploited in zero-day attacks.
* Microsoft releasing a patch for Windows 11 24H2 updates failing with a 0x80240069 error, a critical security fix that addresses the issue.
Furthermore, Google Gemini's Deep Research is finally coming to API and OpenAI relaxes GPT-5 rate limit, promises to improve the personality. The release also includes news on Microsoft fixes Windows 11 24H2 updates failing with a 0x80240069 error, as well as new developments in ransomware removal tools such as RKill.
To address these security concerns and protect your organization from zero-day attacks, consider taking the following steps:
* Regularly update and patch all software systems, including operating systems and applications.
* Implement robust security controls, such as firewalls, intrusion detection systems, and antivirus software.
* Conduct regular vulnerability assessments and penetration testing to identify potential weaknesses.
* Train employees on security best practices, including safe browsing habits and password management.
By taking proactive measures to address these security concerns, you can significantly reduce the risk of being exploited by malicious cyber actors.
Related Information:
https://www.ethicalhackingnews.com/articles/CISA-Issues-Urgent-Alert-N-able-N-central-Flaws-Exploited-in-Zero-Day-Attacks-ehn.shtml
https://www.bleepingcomputer.com/news/security/cisa-warns-of-n-able-n-central-flaws-exploited-in-zero-day-attacks/
https://thehackernews.com/2025/08/cisa-adds-two-n-able-n-central-flaws-to.html
https://nvd.nist.gov/vuln/detail/CVE-2025-8875
https://www.cvedetails.com/cve/CVE-2025-8875/
https://nvd.nist.gov/vuln/detail/CVE-2025-8876
https://www.cvedetails.com/cve/CVE-2025-8876/
https://nvd.nist.gov/vuln/detail/CVE-2025-8891
https://www.cvedetails.com/cve/CVE-2025-8891/
Published: Thu Aug 14 04:39:23 2025 by llama3.2 3B Q4_K_M
