Active Exploitation of Critical Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway
30 June 2025
Citrix has released security updates addressing multiple critical vulnerabilities in their NetScaler ADC and NetScaler Gateway. Users and administrators of affected products are advised to update to the latest versions immediately.
Background
Citrix has released security updates addressing multiple critical vulnerabilities (CVE-2025-5777 and CVE-2025-6543) in their NetScaler ADC and NetScaler Gateway.
Impact
The vulnerabilities are:
CVE-2025-5777: Successful exploitation of this vulnerability could allow an attacker to bypass authentication, including Multi-Factor Authentication (MFA), by stealing the exposed session token.
CVE-2025-6543: Successful exploitation of this memory overflow vulnerability could allow an attacker to conduct denial-of-service (DoS) attacks.
Known Exploitation
Both vulnerabilities are reportedly being actively exploited.
Affected Products
The critical vulnerabilities affect the following product versions:
NetScaler ADC and NetScaler Gateway versions before 14.1-43.56
NetScaler ADC and NetScaler Gateway versions before 13.1-58.32
NetScaler ADC 13.1-FIPS and 13.1-NDcPP versions before 13.1-37.235
NetScaler ADC 12.1-FIPS versions before 12.1-55.328
Mitigation Measures
Users and administrators of affected products are advised to update to the latest versions immediately.
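To triage an inventory against the fixed builds listed under Affected Products, the following added example (not part of the original advisory or any Citrix tooling) parses an appliance version banner and compares it numerically with the first fixed build for its release. It assumes the banner has the form `NS<release>: Build <major>.<minor>`, and that the operator supplies the edition (`standard`, `fips` or `ndcpp`), since no banner format for FIPS builds is assumed here; the sample banners are constructed.

```python
import re

# First fixed build per (release, edition), from the "Affected Products" list.
FIXED_BUILDS = {
    ("14.1", "standard"): (43, 56),
    ("13.1", "standard"): (58, 32),
    ("13.1", "fips"): (37, 235),
    ("13.1", "ndcpp"): (37, 235),
    ("12.1", "fips"): (55, 328),
}

# Assumed banner shape, e.g. "NetScaler NS14.1: Build 43.50.nc, Date: ..."
_BANNER = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+)\.(\d+)", re.IGNORECASE)


def assess(banner: str, edition: str = "standard") -> str:
    """Return 'affected', 'fixed' or 'not-listed' for one version banner."""
    match = _BANNER.search(banner)
    if match is None:
        raise ValueError(f"unrecognised version banner: {banner!r}")
    release = match.group(1)
    # Compare as integer tuples: as strings, "58.4" would sort after "58.32".
    build = (int(match.group(2)), int(match.group(3)))
    fixed = FIXED_BUILDS.get((release, edition.lower()))
    if fixed is None:
        # Release/edition pair is not in the advisory's list; needs manual review.
        return "not-listed"
    return "affected" if build < fixed else "fixed"


if __name__ == "__main__":
    # Constructed inventory: (hostname, banner, edition)
    inventory = [
        ("adc-01", "NetScaler NS14.1: Build 43.50.nc", "standard"),
        ("adc-02", "NetScaler NS13.1: Build 58.32.nc", "standard"),
        ("adc-03", "NetScaler NS13.1: Build 37.219.nc", "fips"),
        ("adc-04", "NetScaler NS13.0: Build 92.31.nc", "standard"),
    ]
    for host, banner, edition in inventory:
        print(f"{host}: {assess(banner, edition)}")
```

A `not-listed` result means only that the release and edition are absent from the list above; check the vendor bulletin for those appliances rather than treating them as unaffected.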
References
https://nvd.nist.gov/vuln/detail/CVE-2025-5777
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420