Category Archives: Security Notices

OpenSSL Critical Vulnerability

UPDATED NOVEMBER 2: N-able is aware OpenSSL.org released two vulnerabilities (CVE-2022-3602 and CVE-2022-3786) that affect OpenSSL version 3.0.0 and later and have been addressed in OpenSSL 3.0.7. After thorough investigation, our team has determined N-able’s products are not impacted by … Continue reading

Posted in Backup (N-central), Backup (RMM), Cloud User Hub, Cove Data Protection, Cove Data Protection release notes, Cove Data Protection service updates, Mail Assure, MSP Anywhere, MSP Manager, MSP Service Desk, N-central, N-sight, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on OpenSSL Critical Vulnerability

N-able and Spring4Shell(CVE-2022-22965)

Update after SWI noticeUpdated April 6, 2022 N-able has been closely monitoring details as they’ve emerged around the Spring4Shell vulnerability, which has received quite a bit of attention over the last week. The N-able security team began to investigate any … Continue reading

Posted in Cove Data Protection, Mail Assure, MSP Anywhere, MSP Manager, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on N-able and Spring4Shell(CVE-2022-22965)

Apache Log4j Vulnerability – Updated 1:00 p.m. EST, December 22, 2021

Updated: December 21, 2021 Risk Intelligence deployed appropriate patches as of 4 1.m. EST December 21, 2021. Original Post: As you may know, a vulnerability within the Apache Log4j tool was identified on Friday, December 10, 2021 – tracked as CVE-2021-44228. … Continue reading

Posted in Cove Data Protection, Mail Assure, MSP Anywhere, MSP Manager, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on Apache Log4j Vulnerability – Updated 1:00 p.m. EST, December 22, 2021

N-able Risk Intelligence: Apache Log4j Vulnerability Fix

We have released an update to Risk Intelligence to address the recent Apache Log4j vulnerability. We have evaluated risk within Risk Intelligence and have deployed patches for any vulnerable components as of 3:00 am EST on December 15, 2021.  Please … Continue reading

Posted in Risk Intelligence, Security Notices | Comments Off on N-able Risk Intelligence: Apache Log4j Vulnerability Fix

Apache Log4j Vulnerability – Updated 12 p.m. EST, December 15, 2021

Updated 2:30 p.m. EST, December 20, 2021 The Apache Software Foundation (ASF) has rolled out another update – version 2.17.0 – for its Java-based open-source logging library Log4j to address a third security vulnerability first discovered December 10, 2021. In response, … Continue reading

Posted in Cove Data Protection, Cove Data Protection service updates, Mail Assure, MSP Anywhere, MSP Manager, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on Apache Log4j Vulnerability – Updated 12 p.m. EST, December 15, 2021

Apache Log4j Vulnerability – Updated 12 p.m. EST, December 15, 2021

Updated 2:30 p.m. EST, December 20, 2021 The Apache Software Foundation (ASF) has rolled out another update – version 2.17.0 – for its Java-based open-source logging library Log4j to address a third security vulnerability first discovered December 10, 2021. In response, … Continue reading

Posted in Cove Data Protection, Mail Assure, MSP Anywhere, N-central, Passportal, Risk Intelligence, Security Notices | Comments Off on Apache Log4j Vulnerability – Updated 12 p.m. EST, December 15, 2021

Apache Log4j Vulnerability

Updated 2:30 p.m. EST, December 20, 2021 The Apache Software Foundation (ASF) has rolled out another update – version 2.17.0 – for its Java-based open-source logging library Log4j to address a third security vulnerability first discovered December 10, 2021. In response, … Continue reading

Posted in N-central, Risk Intelligence, Security Notices | Comments Off on Apache Log4j Vulnerability

Unquoted Service Path Vulnerability Update

On March 25, 2021, our partner, Omega Systems, reported that an unquoted service path vulnerability existed within our Windows Ecosystem Agent services for N-able™ RMM and N-central®. This vulnerability may allow a malicious actor to execute their own malicious payloads … Continue reading

Posted in N-central, Security Notices | Comments Off on Unquoted Service Path Vulnerability Update

Final Reminder: Certificate Upgrade

Update March 8, 2021 The digital certificate for our SolarWinds MSP products has been revoked, as of 7:00PM EST on March 8, 2021. *********************************************************************************** March 3, 2021 As we have communicated, the digital certificate for our SolarWinds MSP products will … Continue reading

Posted in Cove Data Protection, Cove Data Protection release notes, Cove Data Protection service updates, Mail Assure, MSP Anywhere, MSP Manager, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on Final Reminder: Certificate Upgrade

UPDATE: Digital Certificate Revocation Date Change

Update March 8, 2021 The digital certificate for our SolarWinds MSP products has been revoked, as of 7:00PM EST on March 8, 2021. *********************************************************************************** As an update to our previous notification, we have just received an extension on the revocation … Continue reading

Posted in Cove Data Protection, Cove Data Protection release notes, Cove Data Protection service updates, Mail Assure, MSP Anywhere, MSP Manager, MSP Service Desk, N-central, Passportal, Risk Intelligence, Security Notices, Take Control | Comments Off on UPDATE: Digital Certificate Revocation Date Change