
Citrix has released fixes for three security flaws in NetScaler ADC and NetScaler Gateway.
The vulnerabilities in question are listed below –
CVE-2025-7775 (CVSS score: 9.2) – Memory overflow leading to remote code execution and/or denial of service
CVE-2025-7776 (CVSS score: 8.8) – Memory overflow vulnerability leading to unpredictable or erroneous behavior and denial of service
CVE-2025-8424 – Improper access control on the NetScaler Management Interface
The company acknowledged that “exploits of CVE-2025-7775 on unmitigated appliances have been observed,” but did not share additional details.

The flaws can only be exploited when the following preconditions are met –
CVE-2025-7775 – any of the following configurations:
NetScaler configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type HTTP, SSL or HTTP_QUIC bound to IPv6 services, or to service groups that are bound to IPv6 servers
NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type HTTP, SSL or HTTP_QUIC bound to a DBS IPv6 service or to an IPv6 DBS server
A CR virtual server of type HDX
CVE-2025-7776 – NetScaler must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with a PCoIP profile bound
The issues are fixed in the following releases, and there are no workarounds –
NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP
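The following is an added inventory check, not code from Citrix or the original article: it compares a NetScaler build string against the fixed builds listed above, per release train. It assumes build strings in the advisory's "13.1-37.241" form, with a hypothetical "-FIPS" or "-NDcPP" suffix added by the operator to mark those variants, and it only compares build numbers; it does not evaluate the configuration preconditions.

```python
"""Flag NetScaler ADC / Gateway builds that are below the fixed builds in the advisory."""
import re

# Fixed builds from the advisory, keyed by release train (assumed naming for the
# FIPS/NDcPP variants). Builds below these values are unpatched for CVE-2025-7775/7776/8424.
FIXED_BUILDS = {
    "14.1": (47, 48),
    "13.1": (59, 22),
    "13.1-FIPS": (37, 241),
    "13.1-NDcPP": (37, 241),
    "12.1-FIPS": (55, 330),
    "12.1-NDcPP": (55, 330),
}

# e.g. "14.1-47.48" or "13.1-37.241-FIPS" (the suffix is our own input convention)
_VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)(?:-(FIPS|NDcPP))?$", re.IGNORECASE)


def parse_build(version):
    """Return (train, (build_major, build_minor)) for a version string, or None if unparsable."""
    match = _VERSION_RE.match(version.strip())
    if not match:
        return None
    train, build_major, build_minor, variant = match.groups()
    if variant:
        # Normalise case so "fips" and "ndcpp" map onto the advisory's train names.
        train = f"{train}-{'FIPS' if variant.upper() == 'FIPS' else 'NDcPP'}"
    return train, (int(build_major), int(build_minor))


def assess(version):
    """Return 'patched', 'unpatched', or 'unknown' (unparsable or train not listed in the advisory).

    A FIPS/NDcPP build reported without its suffix would be compared against the wrong train,
    so the caller must supply the suffix for those appliances.
    """
    parsed = parse_build(version)
    if parsed is None:
        return "unknown"
    train, build = parsed
    fixed = FIXED_BUILDS.get(train)
    if fixed is None:
        return "unknown"  # train has no fixed build on this page (e.g. plain 12.1 or 13.0)
    return "patched" if build >= fixed else "unpatched"


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and builds are made up for illustration).
    inventory = {"ns-gw-01": "14.1-43.50", "ns-gw-02": "14.1-47.48",
                 "ns-fips-01": "13.1-37.240-FIPS", "ns-legacy": "13.0-92.21"}
    for host, build in inventory.items():
        print(f"{host}: {build} -> {assess(build)}")
```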

Citrix credited Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partner, and François Hämmerli with discovering and reporting the vulnerabilities.
CVE-2025-7775 is the latest NetScaler ADC and Gateway vulnerability to be weaponized in real-world attacks shortly after disclosure, following CVE-2025-5777 (aka Citrix Bleed 2) and CVE-2025-6543.
The disclosure comes a day after the US Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws affecting Citrix Session Recording (CVE-2024-8068 and CVE-2024-8069) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.