Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Citrix — NetScaler ADC and Gateway
- Added to KEV catalog
- 10 July 2025
- Federal remediation due date
- 11 July 2025
- Weakness classification (CWE)
- CWE-125
CISA Description
Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420 ; https://nvd.nist.gov/vuln/detail/CVE-2025-5777
More Citrix Vulnerabilities
Citrix NetScaler Out-of-Bounds Read Vulnerability
Citrix NetScaler Memory Overflow Vulnerability
Citrix Session Recording Improper Privilege Management Vulnerability
Citrix Session Recording Deserialization of Untrusted Data Vulnerability
Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services