Citrix has released fixes for three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.
The vulnerabilities in question are listed below:
- CVE-2025-7775 (CVSS score: 9.2) - Memory overflow vulnerability leading to remote code execution and/or denial-of-service
- CVE-2025-7776 (CVSS score: 8.8) - Memory overflow vulnerability leading to unpredictable or erroneous behavior and denial-of-service
- CVE-2025-8424 (CVSS score: 8.7) - Improper access control on the NetScaler Management Interface
The company acknowledged that "exploits of CVE-2025-7775 on unmitigated appliances have been observed," but stopped short of sharing additional details.
However, several prerequisites must be met for the flaws to be exploited:
- CVE-2025-7775 - NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server; NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS, and NDcPP: LB virtual servers of type (HTTP, SSL, or HTTP_QUIC) bound with IPv6 services or service groups bound with IPv6 servers; NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS, and NDcPP: LB virtual servers of type (HTTP, SSL, or HTTP_QUIC) bound with DBS IPv6 services or service groups bound with IPv6 DBS servers; or CR virtual server with type HDX
- CVE-2025-7776 - NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy)
- CVE-2025-8424 - Access to NSIP, Cluster Management IP, or local GSLB Site IP or SNIP with Management Access
The issues have been resolved in the following versions, with no workarounds available:
- NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
- NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
- NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
- NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP
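An added example (not from Citrix or the original article): a Python triage helper that compares an appliance's release string against the fixed builds listed above and searches ns.conf text for the Gateway, AAA and CR/HDX virtual servers named in the CVE-2025-7775 preconditions. The release-string format, the edition labels and the sample configuration are assumptions constructed for illustration, and the IPv6 load-balancing preconditions are not checked.

```python
import re

# Fixed builds listed above, keyed by (release branch, edition).
# The edition labels are this example's own (assumed) naming.
FIXED_BUILDS = {
    ("14.1", "standard"): (47, 48),
    ("13.1", "standard"): (59, 22),
    ("13.1", "fips-ndcpp"): (37, 241),
    ("12.1", "fips-ndcpp"): (55, 330),
}

NAME = r'(?:"[^"]*"|\S+)'  # entity name, optionally double-quoted
# ns.conf commands that create vserver types named in the CVE-2025-7775 preconditions.
PRECONDITIONS = {
    "gateway": re.compile(r"^add vpn vserver\s", re.I),
    "aaa": re.compile(r"^add authentication vserver\s", re.I),
    "cr_hdx": re.compile(rf"^add cr vserver\s+{NAME}\s+HDX\b", re.I),
}

def is_patched(release, edition="standard"):
    """True/False for a listed branch, None if the branch has no listed fix."""
    m = re.fullmatch(r"(\d+\.\d+)-(\d+)\.(\d+)", release.strip())
    if not m:
        raise ValueError(f"unrecognised release string: {release!r}")
    fixed = FIXED_BUILDS.get((m.group(1), edition))
    if fixed is None:
        return None
    return (int(m.group(2)), int(m.group(3))) >= fixed

def exposed_features(ns_conf):
    """Sorted precondition categories found in ns.conf text."""
    lines = [line.strip() for line in ns_conf.splitlines()]
    return sorted(name for name, pat in PRECONDITIONS.items()
                  if any(pat.search(line) for line in lines))

def triage(release, edition, ns_conf):
    patched = is_patched(release, edition)
    if patched:
        return "patched"
    if patched is None:
        return "no listed fix for this branch"
    features = exposed_features(ns_conf)
    return "upgrade now: " + ",".join(features) if features else "upgrade: no listed precondition found"

# Constructed sample configuration (not from a real appliance).
SAMPLE_CONF = '''
add vpn vserver gw_vs SSL 203.0.113.10 443
add cr vserver "cr hdx" HDX 203.0.113.11 443
add lb vserver web_vs HTTP 203.0.113.12 80
'''
```

Because no workaround is listed, an unpatched build is reported for upgrade whether or not a precondition is found; the precondition match only raises its priority.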
Citrix credited Jimi Sebree of Horizon3.ai for discovering and reporting the vulnerabilities.
CVE-2025-7775 is the latest NetScaler ADC and Gateway vulnerability to be weaponized in real-world attacks within a short span of time, after CVE-2025-5777 (aka Citrix Bleed 2) and CVE-2025-6543.
The disclosure also comes a day after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws affecting Citrix Session Recording (CVE-2024-8068 and CVE-2024-8069) to its Known Exploited Vulnerabilities (KEV) catalog.
CISA Adds CVE-2025-7775 to KEV Catalog
On August 26, 2025, CISA added CVE-2025-7775 to the KEV catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the flaw within the next 48 hours (i.e., by August 28).
"Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial-of-service," the agency said.