Flaws in CITRIX patches of three netterlers confirm aggressive misuse of CVE-2025-7775

August 26, 2025Ravi LakshmananVulnerability/Remote code execution

Citrix has released fixes to address three security flaws: Netscaler ADC and Netscaler Gateway.

The vulnerabilities in question are listed below –

CVE-2025-7775 (CVSS score: 9.2) – Memory overflow leading to remote code execution and/or denial of service CVE-2025-7776 (CVSS score: 8.8) – Memory overflow vulnerability leading to unpredictable or false behavior and false denial CVE-2025-8424 (CVE-2025-8424 (CVE-2025-8424) Access control for Netscaler Management interface

The company admitted that “an exploit of CVE-2025-7775 has been observed on unauthorized appliances,” but stopped sharing additional details.

However, there are many prerequisites for flaws to be exploited –

CVE-2025-7775-Netscaler must be configured as a Gateway (VPN Virtual Server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server. Netscaler ADC and Netscaler Gateway 13.1, 14.1, 13.1-FIPS and NDCPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound to IPv6 services or service groups that are bound to IPv6 servers. Netscaler ADC and Netscaler Gateway 13.1, 14.1, 13.1-FIPS and NDCPP: A virtual server of type (HTTP, SSL or HTTP_QUIC) bound to a DBS IPv6 service or IPv6 DBS server. Alternatively, a CR virtual server with type HDX CVE-2025-7776 – NetScaler must be configured as a GATEWAY (VPN Virtual Server, ICA Proxy, CVPN, RDP Proxy) with a PCOIP profile limited to GVE-2025-8424.

The issue is resolved in the next version and there are no workarounds available –

Releases Netscaler ADC and Netscaler Gateway 14.1-47.48 and later, and 13.1 Netscaler ADC and Netscaler Gateway 13.1-59.22 and later releases of 13.1-FIPS and 13.1-NDCPP 13.1-37.241 and 13.1-FIPS for 13.1-FIPS. 12.1-FIPS and 12.1-NDCPP Releases of 12.1-FIPS and 12.1-NDCPP from 12.1-55.330 onwards

Citrix praised Jimi Sebree from Horizon3.ai. Ai, Jonathan Hetzer of Schramm & Partnerfor and François Hämmerli have discovered and reported the vulnerability.

CVE-2025-7775 is the latest Netscaler ADC and Gateway vulnerability that will be weaponized in real attacks in a short period of time after CVE-2025-5777 (aka Citrix Bleed 2) and CVE-2025-6543.

This disclosure is the day after the US Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws that affect Citrix session recordings (CVE-2024-8068 and CVE-2024-8069) to its known available vulnerabilities (KEV) catalog based on evidence of active exploitation.

Source link

What's Hot

VC Marcia Butcher, an associate of Epstein and founder of Day One, explains it herself.

Google sends student journalists’ personal and financial information to ICE

Almost half of xAI’s founding team has now left the company.

Flaws in CITRIX patches of three netterlers confirm aggressive misuse of CVE-2025-7775

North Korean agents impersonate experts on LinkedIn to infiltrate companies

Reynolds ransomware embeds BYOVD drivers that disable EDR security tools

Inside the rise of the digital parasite

VC Marcia Butcher, an associate of Epstein and founder of Day One, explains it herself.

Google sends student journalists’ personal and financial information to ICE

Almost half of xAI’s founding team has now left the company.

North Korean agents impersonate experts on LinkedIn to infiltrate companies

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

What's Hot

Flaws in CITRIX patches of three netterlers confirm aggressive misuse of CVE-2025-7775

Related Posts