Apparently N-able N-central has critical flaws that are being exploited in the wild. https://www.bleepingcomputer.com/news/security/cisa-warns-of-n-able-n-central-flaws-exploited-in-zero-day-attacks/
I am not surprised at all. Their software security leaves a lot to desire. Recently they downplayed actually critical flaw #CVE_2024_5445 (RCE as SYSTEM via MiTM as “low”) as seen here:
https://sintonen.fi/advisories/n-able-ecosystem-agent-improper-certificate-validation.txt
“The vulnerability reported does not constitute an RCE, the Ecosystem agent is designed to run installation packages in a privileged context and the agent is doing what it should do when it receives such packages to install over the APIs.”’
#cybersecurity #infosec
- @[email protected] uh what? That explanation makes it sound worse, not better. - even if it requires that the attacker MITM the connection so PR is high… looking at it, how can they claim a RCE has Low impact to CIA? - @[email protected] No kidding? I can only recommend anyone doing research on N-Able to avoid going through their “bug bounty” program. They actively cite the program rules to shut down disclosure, namely I cannot show how trivial the attack is to pull off by using mitmproxy. So there is no way for me to challenge their obviously flawed scoring of the vulnerability. - ref https://infosec.exchange/@harrysintonen/112999715864274188 
 

