Ethical Hacking News
Three critical vulnerabilities have been discovered in Citrix's NetScaler ADC and NetScaler Gateway products, with one of them actively being exploited in the wild. The company has issued urgent updates to secure its products, emphasizing the importance of prompt action to prevent potential security breaches.
Citrix has issued critical alerts about three vulnerabilities in its NetScaler ADC and Gateway products. The first vulnerability (CVE-2025-7775) poses a high risk of Remote Code Execution (RCE) and Denial-of-Service (DoS). A secure patch for this vulnerability is available, with versions including 14.1-47.48+, 13.1-59.22+, etc. The second vulnerability (CVE-2025-7776) involves a memory overflow vulnerability leading to unpredictable behavior and DoS, but workarounds are available. The third vulnerability (CVE-2025-8424) relates to improper access control on the NetScaler Management Interface, with updates recommended for secure versions.
Citrix, a prominent provider of network security and virtualization solutions, has issued a critical alert regarding three vulnerabilities in its popular NetScaler ADC (Application Delivery Controller) and NetScaler Gateway products. The company's swift response to these weaknesses is crucial, as one of them has been actively exploited in the wild.
The first vulnerability, identified as CVE-2025-7775, carries a CVSS score of 9.2, indicating that it poses a high risk of Remote Code Execution (RCE) and Denial-of-Service (DoS). This flaw is said to be memory overflow-related and can be exploited when NetScaler is configured in specific gateway modes or has certain services bound to IPv6 servers.
To mitigate the risks associated with this vulnerability, Citrix has provided a range of secure versions for its products. These updates include NetScaler ADC 14.1-47.48+, 13.1-59.22+, 13.1-FIPS/NDcPP 13.1-37.241+, and 12.1-FIPS/NDcPP 12.1-55.330+. Installing these patches is essential to prevent potential security breaches.
The second vulnerability, CVE-2025-7776, has a CVSS score of 8.8 and also involves a memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial-of-Service. This flaw can be exploited when NetScaler is configured as a gateway with PCoIP Profile bounded to it.
In contrast to the first vulnerability, there are workarounds available for CVE-2025-7776, although they should be used with caution due to potential performance implications.
The third and final vulnerability, identified as CVE-2025-8424, carries a CVSS score of 8.7 and relates to improper access control on the NetScaler Management Interface. This flaw can be exploited when an attacker gains access to NSIP, Cluster Management IP, or local GSLB Site IP or SNIP with Management Access.
To prevent this vulnerability from being exploited, Citrix recommends updating to secure versions as soon as possible. Specifically, this includes NetScaler ADC 14.1-47.48+, 13.1-59.22+, 13.1-FIPS/NDcPP 13.1-37.241+, and 12.1-FIPS/NDcPP 12.1-55.330+.
In a statement, Citrix emphasized the importance of prompt updates to secure its products against these critical vulnerabilities. The company has also acknowledged that no workarounds are available for CVE-2025-7775.
Several researchers have contributed to identifying these vulnerabilities, including Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partnerfor, and François Hämmerli.
In conclusion, the recent discovery of three critical NetScaler flaws highlights the need for swift action from organizations utilizing Citrix products. By ensuring that all necessary updates are installed in a timely manner, businesses can minimize their exposure to potential security breaches and protect their networks against these vulnerabilities.
Related Information:
https://www.ethicalhackingnews.com/articles/Citrix-Urgently-Addresses-Three-Critical-NetScaler-Flaws-Exploited-in-the-Wild-ehn.shtml
https://securityaffairs.com/181567/hacking/citrix-fixed-three-netscaler-flaws-one-of-them-actively-exploited-in-the-wild.html
https://nvd.nist.gov/vuln/detail/CVE-2025-7775
https://www.cvedetails.com/cve/CVE-2025-7775/
https://nvd.nist.gov/vuln/detail/CVE-2025-7776
https://www.cvedetails.com/cve/CVE-2025-7776/
https://nvd.nist.gov/vuln/detail/CVE-2025-8424
https://www.cvedetails.com/cve/CVE-2025-8424/
Published: Tue Aug 26 15:25:29 2025 by llama3.2 3B Q4_K_M
