Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Aug 26, 2025Ravie LakshmananVulnerability / Remote Code Execution

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.

The vulnerabilities in question are listed below –

• CVE-2025-7775 (CVSS score: 9.2) – Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service
• CVE-2025-7776 (CVSS score: 8.8) – Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial-of-Service
• CVE-2025-8424 (CVSS score: 8.7) – Improper access control on the NetScaler Management Interface

The company acknowledged that “exploits of CVE-2025-7775 on unmitigated appliances have been observed,” but stopped short of sharing additional details.

However, for the flaws to be exploited, there are a number of prerequisites –

• CVE-2025-7775 – NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server; NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers; NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers; or CR virtual server with type HDX
• CVE-2025-7776 – NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
• CVE-2025-8424 – Access to NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access

The issues have been resolved in the following versions, with no available workarounds –

• NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
• NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
• NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
• NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP

Citrix credited Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partnerfor and François Hämmerli for discovering and reporting the vulnerabilities.

CVE-2025-7775 is the latest NetScaler ADC and Gateway vulnerability to be weaponized in real-world attacks in a short span of time, after CVE-2025-5777 (aka Citrix Bleed 2) and CVE-2025-6543.

The disclosure also comes a day after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting Citrix Session Recording (CVE-2024-8068 and CVE-2024-8069) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.

Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.

Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!