Citrix Urges Immediate NetScaler ADC & Gateway Updates for Actively Exploited Vulnerability
Citrix has issued urgent security updates for its NetScaler ADC and NetScaler Gateway products. Users are advised to upgrade immediately to patched versions to mitigate multiple vulnerabilities, including one that is actively being exploited in the wild.
Citrix has released updates for NetScaler ADC and NetScaler Gateway to address three critical vulnerabilities. The most pressing issue is CVE-2025-7775, a memory overflow vulnerability that allows Remote Code Execution and/or Denial-of-Service attacks. This vulnerability has been actively exploited, making it crucial for administrators to apply the patches without delay.
The other two vulnerabilities, CVE-2025-7776 and CVE-2025-8424, also pose significant risks. CVE-2025-7776 can cause unpredictable or erroneous behavior and Denial of Service, while CVE-2025-8424 is an improper access control vulnerability on the NetScaler Management Interface. Citrix urges customers to update to the secure versions to mitigate these risks.
Citrix has provided patched builds of NetScaler ADC and NetScaler Gateway that address all three vulnerabilities. Users are strongly advised to upgrade immediately to the fixed build for their release branch: 14.1-47.48 or later, 13.1-59.22 or later, 13.1-FIPS/NDcPP 13.1-37.241 or later, or 12.1-FIPS/NDcPP 12.1-55.330 or later.
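To check an appliance inventory against the fixed builds listed above, the following added example (not Citrix code) compares build strings per release branch. It assumes builds are recorded in the "release-major.minor" form used in this article and that the caller knows which appliances are FIPS/NDcPP; the function names, hostnames and sample builds are made up for illustration.

```python
import re

# Minimum fixed builds per release branch, copied from the list above.
FIXED = {
    "14.1": (47, 48),
    "13.1": (59, 22),
    "13.1-FIPS/NDcPP": (37, 241),
    "12.1-FIPS/NDcPP": (55, 330),
}

# Assumed build-string shape "<release>-<major>.<minor>", as written in the article.
_BUILD_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def check_build(build, fips=False):
    """Classify one build string against the fixed builds listed in the article.

    fips must be set by the caller for FIPS/NDcPP appliances; this sketch does
    not try to infer the branch from the build number.
    """
    m = _BUILD_RE.match(build.strip())
    if not m:
        return "unparseable"
    release = m.group(1)
    branch = f"{release}-FIPS/NDcPP" if fips else release
    fixed = FIXED.get(branch)
    if fixed is None:
        # Branch has no fixed build in the article: flag for manual review.
        return "no-fixed-build-listed"
    have = (int(m.group(2)), int(m.group(3)))
    # Integer tuples, so 47.9 sorts below 47.48 (string comparison gets this wrong).
    return "patched" if have >= fixed else "needs-upgrade"


def needs_action(inventory):
    """Return {host: status} for every appliance that is not confirmed patched."""
    results = {host: check_build(build, fips) for host, build, fips in inventory}
    return {host: s for host, s in results.items() if s != "patched"}


# Constructed inventory (hostnames and builds are made up for the example).
SAMPLE_INVENTORY = [
    ("adc-edge-01", "14.1-47.48", False),
    ("adc-edge-02", "14.1-47.9", False),
    ("gw-vpn-01", "13.1-60.1", False),
    ("adc-fips-01", "13.1-37.240", True),
    ("adc-legacy-01", "13.0-92.21", False),
]

if __name__ == "__main__":
    for host, status in needs_action(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Branches that do not appear in the article's list are reported as "no-fixed-build-listed" rather than treated as safe, so they surface for manual review.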