CVE-2025-8875
Published: 14 August 2025
Summary
CVE-2025-8875 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in N-able N-central. Its CVSS 4.0 base score is 9.4 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); the CVE ranks in the top 11.7% of CVEs by EPSS exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-8875 is a deserialization of untrusted data vulnerability, tracked under CWE-502, that yields code execution on the N-central host (the vendor's wording is "Local Execution of Code"; the CVSS vector rates it network-reachable by a low-privileged, that is authenticated, user). It affects the N-able N-central platform in all versions prior to 2025.3.1. The flaw carries a CVSS 4.0 base score of 9.4, reflecting a network attack vector, low attack complexity, low privileges required, and High confidentiality, integrity and availability impact on both the vulnerable system and subsequent systems (CVSS 4.0 has no scope metric; the subsequent-system impact metrics take its place).
An attacker holding a low-privileged account that can reach the service over the network supplies a serialized object that the application deserializes without validating its type or contents, so attacker-chosen code runs in the context of the N-central process. Successful exploitation compromises the confidentiality, integrity and availability of the instance and, because N-central is a remote monitoring and management platform, can extend to the components and endpoints it manages.
The vendor released N-central 2025.3.1 to address the issue, as noted in its August 2025 general availability announcement; upgrading is the only complete fix. The vulnerability is listed in the CISA Known Exploited Vulnerabilities catalog, which confirms observed in-the-wild exploitation. Its EPSS score rose from a low baseline to a peak of 0.0508 on 2025-12-18 before receding, indicating measurable post-disclosure attacker interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-24823
Vulnerability details
Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code. This issue affects N-central: before 2025.3.1.
- CWE(s): CWE-502 (Deserialization of Untrusted Data)
- KEV Date Added: 13 August 2025
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Arbitrary code execution reached from a low-privileged account is a direct privilege escalation: the attacker's code runs with the permissions of the N-central process that performed the deserialization, which in practice means full control of the host.
Affected Assets
- N-able N-central, all versions before 2025.3.1 (fixed in 2025.3.1)
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mitigates the vulnerability by requiring timely application of the vendor patch, N-central 2025.3.1.
- SI-10 (Information Input Validation): prevents exploitation by validating untrusted data before it is deserialized, for example by allow-listing the types a stream is permitted to instantiate, which addresses the core CWE-502 weakness.
- SI-16 (Memory Protection): non-executable memory and ASLR raise the cost of code-execution exploits in general, but deserialization attacks typically run attacker-chosen code through the application's own runtime and libraries (gadget chains) rather than through memory corruption, so this control is only a weak secondary defense here.
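To make the SI-10 point concrete, and to show the mechanism described under Deeper analysis (an attacker-supplied serialized object that the loader resolves and executes), here is an added example that is not code from N-central or N-able. It uses Python's pickle as a stand-in for whatever serialization format the product uses; the class names, the gadget function and the sample blobs are constructed for the demonstration. It shows the vulnerable loader, an allow-list loader that rejects unexpected class references before they are resolved, and a static pre-screen that lists the globals a stream would import without loading it.

```python
"""Unsafe vs. allow-listed deserialization of untrusted bytes (CWE-502).

Added example, not code from N-central or N-able. Python's pickle stands in
for the product's own object-serialization format; the hardening pattern
(reject any class reference that is not on an explicit allow-list before it
is resolved) is what SI-10 means by validating input prior to
deserialization. All names and sample data below are constructed.
"""
import io
import pickle
import pickletools

# Records side effects triggered during a load; stands in for os.system/subprocess.
EXECUTED = []


def run_command(cmd):
    """A 'gadget': any importable callable the attacker can name in the stream."""
    EXECUTED.append(cmd)
    return 0


class DeviceRecord:
    """The only type the application legitimately expects to receive."""
    def __init__(self, hostname, os_version):
        self.hostname = hostname
        self.os_version = os_version


class Payload:
    """Attacker-side object: pickle invokes __reduce__'s callable on load.
    The victim never needs this class; only run_command must be importable."""
    def __init__(self, cmd):
        self.cmd = cmd

    def __reduce__(self):
        return (run_command, (self.cmd,))


def build_legit_blob():
    return pickle.dumps(DeviceRecord("agent-01", "10.0"))  # constructed sample


def build_untrusted_blob():
    return pickle.dumps(Payload("id > /tmp/pwned"))  # constructed sample


def load_vulnerable(blob):
    """CWE-502: resolves and calls whatever the stream names."""
    return pickle.loads(blob)


# Allow-list keyed on (module, qualified name), derived from the real class so it
# matches however this file is imported.
ALLOWED = {(DeviceRecord.__module__, DeviceRecord.__qualname__)}


class AllowListUnpickler(pickle.Unpickler):
    """Validation before instantiation: find_class is the choke point every
    GLOBAL / STACK_GLOBAL reference passes through."""
    def find_class(self, module, name):
        if (module, name) not in ALLOWED:
            raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")
        return super().find_class(module, name)


def load_hardened(blob):
    return AllowListUnpickler(io.BytesIO(blob)).load()


def referenced_globals(blob):
    """Static pre-screen: the (module, name) pairs a stream would import, listed
    without executing it. Tracks the two most recent string pushes so it handles
    STACK_GLOBAL (protocol 4+) as well as the older GLOBAL opcode. Memo tricks
    can confuse it, so it complements the allow-list above rather than replacing it."""
    refs, strings = [], []
    for op, arg, _pos in pickletools.genops(blob):
        if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            strings.append(arg)
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:
            refs.append((strings[-2], strings[-1]))
        elif op.name == "GLOBAL":
            refs.append(tuple(arg.split(" ", 1)))  # pickletools renders "module name"
    return refs


if __name__ == "__main__":
    print("legit refs:    ", referenced_globals(build_legit_blob()))
    print("untrusted refs:", referenced_globals(build_untrusted_blob()))
    rec = load_hardened(build_legit_blob())
    print("hardened load ok:", rec.hostname, rec.os_version)
    try:
        load_hardened(build_untrusted_blob())
    except pickle.UnpicklingError as exc:
        print("hardened load rejected:", exc)
    load_vulnerable(build_untrusted_blob())
    print("vulnerable load ran gadget with:", EXECUTED)
```

Run it directly to see the three behaviours side by side. The check in find_class is the enforceable control, since every class reference in the stream has to pass through it; the opcode scan is a cheap triage step for blobs recovered from logs or captured traffic during incident response. The same allow-list idea exists for Java's native serialization as ObjectInputFilter (JEP 290).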