SolarWinds N-able N-central

04 Nov 2021 - Thomas van Voorst

Earlier this year, DIVD case DIVD-2021-00017 was opened because DIVD researchers discovered two vulnerabilities in N-able N-central software prior to 2021.HF6.

These vulnerabilities enable authenticated users the following:

• Agent takeover in a multi-tenant environment (NCCF-16663)
• Downloading and installing agents in a multi-tenant environment (NCCF-16662)

In the coming days we will be scanning worldwide to identify unpatched and thus vulnerable N-able N-central software and send notifications to our information sharing partners and individual network administrators.

---

Last modified: 18 Jan 2023 13:28