Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability
Citrix — NetScaler ADC and Gateway
- Added to KEV catalog
- 30 June 2025
- Federal remediation due date
- 21 July 2025
- Weakness classification (CWE)
- CWE-119
CISA Description
Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 ; https://www.netscaler.com/blog/news/netscaler-critical-security-updates-for-cve-2025-6543-and-cve-2025-5777/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-6543
More Citrix Vulnerabilities
Citrix NetScaler Out-of-Bounds Read Vulnerability
Citrix NetScaler Memory Overflow Vulnerability
Citrix Session Recording Improper Privilege Management Vulnerability
Citrix Session Recording Deserialization of Untrusted Data Vulnerability
Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services