Ethical Hacking News
Citrix has addressed a critical remote code execution (RCE) flaw in their NetScaler ADC and Gateway products, which was exploited in zero-day attacks. The company strongly recommends customers upgrade their firmware to the latest versions containing the fix, as there are no available mitigations to protect against potential exploits.
Citrix has addressed a critical remote code execution (RCE) flaw in their NetScaler ADC and Gateway products, CVE-2025-7775. The vulnerability was discovered by Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partnerfor, and François Hämmerli. Citrix strongly recommends customers upgrade their NetScaler firmware to fix the vulnerability, as there are no available mitigations. Other addressed vulnerabilities include memory overflow and improper access control on the NetScaler Management Interface. Vulnerabilities impact specific versions of NetScaler ADC and Gateway products.
Citrix has recently taken significant steps to address a critical remote code execution (RCE) flaw in their NetScaler ADC and Gateway products, which was actively exploited in zero-day attacks. The vulnerability, tracked as CVE-2025-7775, is a memory overflow bug that can lead to unauthenticated, remote code execution on vulnerable devices.
The discovery of this critical flaw was made possible by Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partnerfor, and François Hämmerli. However, it remains unclear which individual discovered the bug or its specifics. Despite this uncertainty, Citrix has taken swift action to address the vulnerability.
According to an advisory released on August 26, 2025, Citrix states that exploits of CVE-2025-7775 on unmitigated appliances have been observed. As a result, the company strongly recommends customers upgrade their NetScaler firmware to the versions containing the fix, as there are no mitigations available to protect against a potential exploit.
In addition to the RCE flaw, Citrix also addressed two other vulnerabilities in their products: a memory overflow vulnerability that could lead to denial of service (tracked as CVE-2025-7776), and improper access control on the NetScaler Management Interface (tracked as CVE-2025-8424). These vulnerabilities impact the following versions:
* NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-47.48
* NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-59.22
* NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.241-FIPS and NDcPP
* NetScaler ADC 12.1-FIPS and NDcPP BEFORE 12.1-55.330-FIPS and NDcPP
Citrix emphasizes the importance of patching these vulnerabilities, as there are no available mitigations to protect against potential exploits.
The company's swift response to this critical vulnerability is a testament to their commitment to protecting their customers from emerging threats. In light of this incident, it is essential for organizations that use NetScaler ADC and Gateway products to prioritize their security posture by upgrading to the latest versions containing the fix.
Related Information:
https://www.ethicalhackingnews.com/articles/Citrix-Addresses-Critical-NetScaler-RCE-Flaw-Exploited-in-Zero-Day-Attacks-ehn.shtml
https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-netscaler-rce-flaw-exploited-in-zero-day-attacks/
Published: Tue Aug 26 18:52:33 2025 by llama3.2 3B Q4_K_M
