SolarWinds N-able N-central
04 Nov 2021 - Thomas van Voorst
Earlier this year, DIVD case DIVD-2021-00017 was opened because DIVD researchers discovered two vulnerabilities in N-able N-central software prior to 2021.HF6.
These vulnerabilities enable authenticated users the following:
- Agent takeover in a multi-tenant environment (NCCF-16663)
- Downloading and installing agents in a multi-tenant environment (NCCF-16662)
In the coming days we will be scanning worldwide to identify unpatched and thus vulnerable N-able N-central software and send notifications to our information sharing partners and individual network administrators.