AI description
CVE-2025-8876 is a command injection vulnerability found in N-able N-central versions before 2025.3.1. It stems from improper input validation, which allows for the injection of operating system commands. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary operating system commands on the affected system. This could lead to unauthorized access, data theft, system manipulation, and potential lateral movement within the network. It has been added to the CISA Known Exploited Vulnerabilities list and is actively being exploited in the wild.
- Description: Improper Input Validation vulnerability in N-able N-central allows OS Command Injection. This issue affects N-central: before 2025.3.1.
- Source: a5532a13-c4dd-4202-bef1-e0b8f2f8d12b
- NVD status: Analyzed
- Products: n-central
CVSS 4.0
- Type: Secondary
- Base score: 9.4
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: CRITICAL
CVSS 3.1
- Type: Primary
- Base score: 8.8
- Impact score: 5.9
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
Data from CISA
- Vulnerability name: N-able N-Central Command Injection Vulnerability
- Exploit added on: Aug 13, 2025
- Exploit action due: Aug 20, 2025
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score: Not currently trending
csirt_it: ‼ #N_able: active exploitation in the wild detected for CVE-2025-8875 and CVE-2025-8876, present in the RMM platform #N_central Risk: 🟠 Type: 🔸Arbitrary Code Execution 🔸Elevation of Privilege 🔗 https://t.co/48xohP07Cq 🔄 Ag… https://t.c
@Vulcanux_
20 Aug 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-8875 and CVE-2025-8876: Vulnerability Detection Script using Nuclei GitHub: https://t.co/jmoM7WBaKh https://t.co/hrgwJVIqKH
@DarkWebInformer
19 Aug 2025
12717 Impressions
29 Retweets
193 Likes
83 Bookmarks
0 Replies
1 Quote
Over 800 N-able N-central servers remain unpatched against critical flaws CVE-2025-8875 and CVE-2025-8876, enabling command injection and deserialization attacks. Patch version 2025.3.1 is available. #NablePatch #USFederal #ServerRisk https://t.co/8ennArgSQB
@TweetThreatNews
18 Aug 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical security vulnerabilities in n-able n-central servers: more than 800 still unpatched https://t.co/hid5PV65KA #N-able #N-central #beveiligingslek #CVE-2025-8875 #CVE-2025-8876 #Trending #Tech #Nieuws
@TrendingNewsBot
18 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 N-able N-central, #OS Command Injection, #CVE-2025-8876 (Critical) https://t.co/1kGzS0TMM1
@dailycve
18 Aug 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I've created a vulnerability script for CVE-2025-8875 and CVE-2025-8876 - both currently being actively exploited in the wild as reported by @cisacyber. Detection script: https://t.co/pR6pFr1NNs Patches are available: https://t.co/J9Zctf0WOA https://t.co/9tFZTYuRh1
@rxerium
17 Aug 2025
7641 Impressions
27 Retweets
137 Likes
106 Bookmarks
2 Replies
0 Quotes
CVE-2025-8876 N-able N-central OS Command Injection Vulnerability Prior to Version 2025.3.1 https://t.co/dPOk7jifqE
@VulmonFeeds
17 Aug 2025
90 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
We added version-based N-able N-central RMM CVE-2025-8875 & CVE-2025-8876 detection to our daily scans. 1077 unpatched IPs seen on 2025-08-15. Both CVEs recently added to @CISACyber KEV. Top affected: US, Canada, Netherlands, UK Dashboard map view: https://t.co/yL9hUjiZ
@Shadowserver
17 Aug 2025
3166 Impressions
17 Retweets
29 Likes
8 Bookmarks
1 Reply
0 Quotes
CISA adds two known vulnerabilities to its catalog. CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Aug 13) CVE-2025-8875 N-able N-central insecure deserialization vulnerability CVE-2025-8876 N-able N-central command inj
@foxbook
17 Aug 2025
268 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA has issued a warning for organizations using N-able’s N-central RMM product. Two #vulnerabilities (CVE-2025-8875 & CVE-2025-8876) are being exploited. N-able released version 2025.3 with a critical security fix. #ThreatIntelligence #onpatrol4malware https://t.co/BO59
@MalwarePatrol
14 Aug 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added N-able N-central insecure deserialization & command injection vulnerabilities CVE-2025-8875 & CVE-2025-8876 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cyber
@CISACyber
14 Aug 2025
4743 Impressions
19 Retweets
34 Likes
7 Bookmarks
1 Reply
0 Quotes
CISA alerts to active exploitation of two critical vulnerabilities in N-able N-central (CVE-2025-8875 & CVE-2025-8876) involving insecure deserialization and command injection. Patch version 2025.3 released. #Ncentral #ITsecurity #USA https://t.co/vshATFp3xG
@TweetThreatNews
14 Aug 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA has added two vulnerabilities in N-able N-central to its Known Exploited Vulnerabilities catalog due to active exploitation. The flaws are CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (command injection). https://t.co/y97ZkqosNT
@securityRSS
14 Aug 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This could get ugly - CISA warns of exploitation of N-able N-central, which is a remote monitoring & management (RMM) tool. It also has an MSSP version which means access to customer envs at scale if successfully exploited. Two vulns: CVE-2025-8875, CVE-2025-8876 https://t.c
@SimoKohonen
14 Aug 2025
2835 Impressions
4 Retweets
23 Likes
6 Bookmarks
3 Replies
1 Quote
⚠️ CISA adds 2 N-able N-central flaws (CVE-2025-8875 & CVE-2025-8876) to its KEV list—both under active attack. MSPs & orgs must patch now to avoid multi-network compromise. Details + fixes here 👉 https://t.co/XqUiRIYcQQ #CyberSecurity #Vulnerabilities https://
@TEISS
14 Aug 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-8875 (insecure deserialization) CVE-2025-8876 (command injection) Both are being actively exploited—MSPs and orgs running N-central must patch to version 2025.3.1 or 2024.6 HF2 by Aug 20. Enable MFA, restrict access ASAP. #CyberSecurity #CISA #Nable #KEV #MSP #PatchNow
@SecurEpitome
14 Aug 2025
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
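I received the notification email from CISA about new KEV entries: CVE-2025-8875 and CVE-2025-8876. When I run my tool to push them to our internal DB, the NVD API returns an error. I puzzled over it for a while, but when I looked at the NVD page… Huh, on the NVD side, still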
@shojiueda
14 Aug 2025
175 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-8876 #N-able #N-Central Command Injection Vulnerability https://t.co/fLysImUHIa
@ScyScan
13 Aug 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:n-able:n-central:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBFDA053-AF76-4028-8595-41B18D37717B",
            "versionEndExcluding": "2025.3.1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]