Citrix Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, security restriction bypass and remote code execution on the targeted system.

Note:

CVE-2025-7775 is being exploited in the wild.  It is a memory overflow bug that can lead to unauthenticated, remote code execution on vulnerable devices.

Devices must be configured in one of the following configurations to be vulnerable:

• NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
• NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers 
• NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers
• CR virtual server with type HDX

Hence, the risk level is rated as High Risk.

Impact

• Remote Code Execution
• Security Restriction Bypass
• Denial of Service

System / Technologies affected

• NetScaler ADC and NetScaler Gateway 14.1 before 14.1-47.48
• NetScaler ADC and NetScaler Gateway 13.1 before 13.1-59.22
• NetScaler ADC 13.1-FIPS and NDcPP before 13.1-37.241-FIPS and NDcPP
• NetScaler ADC 12.1-FIPS and NDcPP before 12.1-55.330-FIPS and NDcPP

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

• https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938

Vulnerability Identifier

• CVE-2025-7775
• CVE-2025-7776
• CVE-2025-8424

Source

• Citrix
• CISA

Related Link

• https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938
• https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-adds-one-known-exploited-vulnerability-catalog