- Citrix fixes three flaws in NetScaler ADC and NetScaler Gateway
- Among them is a critical-severity zero-day that allowed RCE and DoS attacks
Citrix has fixed three bugs in its NetScaler ADC and NetScaler Gateway instances, including a critical zero-day flaw that was apparently being abused in the wild.
In a new advisory, the company said it patched multiple flaws, including a memory overflow vulnerability that could lead to remote code execution (RCE) or Denial of Service (DoS) attacks in NetScaler ADC and NetScaler Gateway (when NetScaler is configured as Gateway or AAA virtual server).
The vulnerability is tracked as CVE-2025-7775 and has a severity score of 9.2/10 (critical).
Configuration flaws
Citrix has urged users to patch immediately, since hackers are already leveraging the bug in real-life attacks.
“As of August 26, 2025 Cloud Software Group has reason to believe that exploits of CVE-2025-7775 on unmitigated appliances have been observed, and strongly recommends customers to upgrade their NetScaler firmware to the versions containing the fix as there are no mitigations available to protect against a potential exploit,” it said.
Fortunately, exploiting the bug is not particularly simple, as devices need to be configured in a specific way for that to happen:
– NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
– NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers
– NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers
– CR virtual server with type HDX
Citrix has released configuration settings that can verify whether a NetScaler system's configuration leaves it vulnerable to exploitation.
The other two bugs patched are a memory overflow vulnerability tracked as CVE-2025-7776, and an improper access control bug in the NetScaler Management Interface tracked as CVE-2025-8424.
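As an added illustration of what such a configuration check looks like (this is example code written for this article, not Citrix's own tooling), the script below scans a constructed ns.conf fragment for three of the pre-conditions listed above: a Gateway or AAA virtual server, an LB virtual server of type HTTP/SSL/HTTP_QUIC bound to an IPv6 service, and a CR virtual server of type HDX. The NetScaler CLI syntax it parses (`add lb vserver <name> <type> <ip> <port>`, `add service <name> <ip> <type> <port>`, `bind lb vserver <vserver> <service>`) is assumed and simplified; servicegroups and DBS servers are not covered, and a hit only means the appliance matches a listed condition, not that it has been compromised.

```python
import ipaddress

# Constructed sample ns.conf fragment for this example (not from the article).
SAMPLE_NS_CONF = """
add vpn vserver gw_vpn SSL 192.0.2.10 443
add service svc_v6 2001:db8::10 HTTP 80
add service svc_v4 192.0.2.20 HTTP 80
add lb vserver lb_web HTTP 192.0.2.30 80
add lb vserver lb_api SSL 192.0.2.31 443
bind lb vserver lb_web svc_v6
bind lb vserver lb_api svc_v4
add cr vserver cr_hdx HDX 192.0.2.40 443
"""

# LB vserver types named in the advisory's pre-conditions.
VULN_LB_TYPES = {"HTTP", "SSL", "HTTP_QUIC"}


def is_ipv6(addr):
    """True if addr parses as an IPv6 address (hostnames and IPv4 give False)."""
    try:
        return ipaddress.ip_address(addr).version == 6
    except ValueError:
        return False


def check_ns_conf(text):
    """Return the CVE-2025-7775 pre-conditions found in an ns.conf fragment."""
    gateway_or_aaa = []   # vpn (Gateway) and authentication (AAA) vservers
    services = {}         # service name -> bound to an IPv6 address?
    lb_type = {}          # lb vserver name -> service type
    lb_ipv6 = set()       # vulnerable-type lb vservers bound to IPv6 services
    cr_hdx = []           # cr vservers of type HDX
    for line in text.splitlines():
        p = line.split()
        if len(p) < 4:
            continue
        if p[0] == "add" and p[1] in ("vpn", "authentication") and p[2] == "vserver":
            gateway_or_aaa.append(p[3])
        elif p[:2] == ["add", "service"]:
            services[p[2]] = is_ipv6(p[3])
        elif p[:3] == ["add", "lb", "vserver"] and len(p) > 4:
            lb_type[p[3]] = p[4]
        elif p[:3] == ["bind", "lb", "vserver"] and len(p) > 4:
            # Assumes services are declared before they are bound, as ns.conf orders them.
            if lb_type.get(p[3]) in VULN_LB_TYPES and services.get(p[4]):
                lb_ipv6.add(p[3])
        elif p[:3] == ["add", "cr", "vserver"] and len(p) > 4 and p[4] == "HDX":
            cr_hdx.append(p[3])
    return {"gateway_or_aaa": gateway_or_aaa, "lb_ipv6": sorted(lb_ipv6), "cr_hdx": cr_hdx}


if __name__ == "__main__":
    for condition, hits in check_ns_conf(SAMPLE_NS_CONF).items():
        print(f"{condition}: {hits or 'none'}")
```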
By way of BleepingComputer