CVE-2025-11367
Published: 12 November 2025
Description
The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the unsafe deserialization vulnerability by requiring timely patching of the N-central Software Probe to version 2025.4 or later.
Mandates validation of all inputs to the probe, preventing exploitation of unsafe deserialization by rejecting malformed serialized data.
Enforces network boundary protections to limit unauthenticated remote access to the vulnerable probe, reducing the attack surface for exploitation.
Security SummaryAI
CVE-2025-11367 is a remote code execution vulnerability in the N-central Software Probe versions prior to 2025.4, stemming from unsafe deserialization (CWE-502). Published on 2025-11-12, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its potential for complete system compromise.
An unauthenticated attacker with network access to the vulnerable probe can exploit this flaw with low attack complexity and no user interaction. Successful exploitation enables arbitrary code execution on the target system, resulting in high impacts to confidentiality, integrity, and availability.
The N-able security advisory provides details on mitigation, available at https://me.n-able.com/s/security-advisory/aArVy0000000rfRKAQ/cve202511367-ncentral-windows-software-probe-remote-code-execution.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote code execution vulnerability in a network-accessible software probe directly enables exploitation of a public-facing application.