Citrix Issues Urgent Security Alert for NetScaler ADC and Gateway Products

Citrix has issued an urgent security bulletin regarding multiple vulnerabilities affecting its NetScaler ADC and Gateway products. These flaws pose serious risks, including remote code execution, denial of service, and unauthorized access to management interfaces. Organizations utilizing affected versions should prioritize immediate action to mitigate potential exploits.

Three key vulnerabilities have been identified:

  • A buffer overflow that can enable attackers to execute malicious code remotely, potentially compromising affected systems. The flaw, tracked as CVE-2025-7775, impacts configurations such as VPN virtual servers, load balancer (LB) virtual servers bound with IPv6, and certain HDX virtual servers.
  • A related overflow vulnerability, tracked as CVE-2025-7776, that can cause system crashes or unpredictable behavior when a Gateway is associated with a PCoIP profile.
  • An access control weakness identified as CVE-2025-8424 that allows unauthorized users to access and potentially manipulate management interfaces like NSIP or cluster management IP.

The vulnerabilities impact the following versions:

  • NetScaler ADC and Gateway before patched version 14.1-47.48
  • NetScaler ADC and Gateway before patched version 13.1-59.22
  • 13.1-FIPS and NDcPP before 13.1-37.241
  • 12.1-FIPS and NDcPP before 12.1-55.330
  • Older versions no longer supported
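
To triage an appliance inventory against the fixed builds listed above, the following added example (not from Citrix or the original article) compares build strings numerically. It assumes builds are written in the `release-build` form used in the list, that the `edition` label (`standard` or `fips`) is supplied by the operator, and that any branch not in the list is treated as unsupported; hostnames and sample builds are constructed.

```python
import re

# Fixed builds as listed in the article, keyed by (release branch, edition).
FIXED = {
    ("14.1", "standard"): (47, 48),
    ("13.1", "standard"): (59, 22),
    ("13.1", "fips"): (37, 241),   # 13.1-FIPS and NDcPP
    ("12.1", "fips"): (55, 330),   # 12.1-FIPS and NDcPP
}

# Assumed input format: "<release>-<build>", e.g. "14.1-47.48".
BUILD_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def assess(build, edition="standard"):
    """Return 'patched', 'vulnerable', 'unsupported' or 'unparseable'."""
    m = BUILD_RE.match(build.strip())
    if not m:
        return "unparseable"
    branch, major, minor = m.group(1), int(m.group(2)), int(m.group(3))
    fixed = FIXED.get((branch, edition))
    if fixed is None:
        # Assumption: no fixed build listed for this branch means it is unsupported.
        return "unsupported"
    # Compare as integers: build 59.9 is older than 59.22 despite sorting later as text.
    return "patched" if (major, minor) >= fixed else "vulnerable"


def triage(inventory):
    """Map each host to its status; anything not 'patched' needs follow-up."""
    return {host: assess(build, edition) for host, build, edition in inventory}


# Constructed sample inventory (hostnames and builds are made up for illustration).
SAMPLE = [
    ("adc-edge-1", "14.1-47.48", "standard"),
    ("adc-edge-2", "14.1-43.50", "standard"),
    ("adc-dmz-1", "13.1-59.9", "standard"),
    ("adc-fips-1", "13.1-37.241", "fips"),
    ("adc-old-1", "12.1-65.25", "standard"),
    ("adc-bad", "unknown", "standard"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host:12} {status}")
```

Hosts reported as `unparseable` should be checked by hand rather than assumed safe.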

Exploits of these vulnerabilities are actively being observed, making timely patching a critical component of your security posture. Failure to act could result in data breaches, service interruptions, or compromised systems.

Administrators should ensure management interfaces are secured with strong authentication and limited network access, and review current deployment settings, especially virtual server types, IPv6 bindings, and management interface access, to identify any potential exposure. Regular updates and vigilant monitoring are key to protecting your infrastructure.

Visit Citrix’s security advisory here for information on updating and support.

