CVE-2025-10231
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-10

Last updated on: 2025-09-22

Assigner: N-able

Description
An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that, in the right circumstances, can allow a local low-level user to run commands with elevated permissions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-10
Last Modified
2025-09-22
Generated
2026-06-16
AI Q&A
2025-09-10
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10231
EUVD
EUVD-2025-27561
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
n-able n-central to 2025.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Incorrect File Handling Permission bug in the N-central Windows Agent and Probe. Under certain conditions, it allows a local low-level user to execute commands with elevated permissions, potentially gaining higher access than intended.

Impact Analysis

The vulnerability can allow a local low-level user to run commands with elevated permissions, which could lead to unauthorized actions on the system, compromising confidentiality, integrity, and availability of data and system resources.

Detection Guidance

The provided resources do not include specific commands or methods to detect this vulnerability on your network or system. However, the N-central 2025.3.1 release notes mention enhanced User Audit Log Export capabilities that audit additional user actions and session enforcement improvements, which could help in monitoring suspicious activities related to this vulnerability. [1]

Mitigation Strategies

To mitigate this vulnerability, you should upgrade to N-central version 2025.3.1, which includes a critical security fix addressing CVE-2025-10231. This update improves security by fixing the incorrect file handling permission bug and enhancing session enforcement and audit logging. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10231. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart