CVE Field Guide
About Us
CVE-2025-11367
PUBLISHED
N-central windows software probe Remote Code Execution
Assigner:
N-able
Reserved:
06.10.2025
Published:
12.11.2025
Updated:
14.11.2025
The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization
Metrics
CVSS 4.0
CVSS Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score:
10
CVSS score
10
Exploitability Metrics
Vulnerable System Impact Metrics
Subsequent System Impact Metrics
Attack Vector
Network
Confidentiality
High
Confidentiality
High
Attack Complexity
Low
Integrity
High
Integrity
High
Attack Requirements
None
Availability
High
Availability
High
Privileges Required
None
User Interaction
None
CVSS 4.0
Product Status
Vendor
N-able
Product
N-central
Versions
Default:
unaffected
affected from 0 to 2025.4 (excl.)
References
https://me.n-able.com/s/security-advisory/aArVy0000000rfRKAQ/cve202511367-ncentral-windows-software-probe-remote-code-execution
Problem Types
CWE-502 Deserialization of Untrusted Data
CWE
Impacts
CAPEC-549 Local Execution of Code