"CISA added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation."
"The vulnerabilities require authentication to exploit, but present a potential risk to the security of the N-central environment if unpatched."
CISA identified two vulnerabilities in N-able N-central, a platform for Managed Service Providers, which are actively being exploited. The vulnerabilities include an insecure deserialization issue and a command injection flaw. Both have been fixed in recent updates. N-able emphasizes the need for customers to upgrade to the latest versions and enable multi-factor authentication, particularly for admin accounts. Federal agencies should apply fixes by August 20, 2025, to protect their networks from these threats.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]