
Citrix Patches Exploited NetScaler Zero-Day

Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies. The post Citrix Patches Exploited NetScaler Zero-Day appeared first on SecurityWeek.

Citrix vulnerabilities exploited

Citrix on Tuesday rolled out patches for three vulnerabilities in its NetScaler ADC and Gateway, including a critical-severity flaw exploited in the wild as a zero-day.

Tracked as CVE-2025-7775 (CVSS score of 9.2), the exploited bug is described as a memory overflow issue that can be triggered to cause a denial-of-service (DoS) condition. The security defect can also lead to remote code execution (RCE).

According to Citrix, the vulnerability impacts NetScaler instances configured as a gateway or as an AAA virtual server, or configured with a CR virtual server with type HDX.

Also affected are specific NetScaler deployments that are bound with IPv6 services or with service groups bound to IPv6 servers, or bound with DBS IPv6 services or with service groups bound to IPv6 DBS servers.

“As of August 26, 2025 Cloud Software Group has reason to believe that exploits of CVE-2025-7775 on unmitigated appliances have been observed, and strongly recommends customers to upgrade their NetScaler firmware to the versions containing the fix as there are no mitigations available to protect against a potential exploit,” Citrix notes in an alert.

The tech giant has not shared details on the observed attacks or indicators of compromise (IoCs), but the US cybersecurity agency CISA added the CVE to its Known Exploited Vulnerabilities (KEV) catalog at once and urged immediate patching.

As mandated by the Binding Operational Directive (BOD) 22-01, federal agencies typically have three weeks to apply fixes for security defects newly added to KEV, but they were given only two days (until August 28) to address CVE-2025-7775.

In addition to the zero-day, Citrix on Tuesday announced patches for CVE-2025-7776 (CVSS score of 8.8), a memory overflow leading to unexpected behavior and DoS, and CVE-2025-8424 (CVSS score of 8.7), an improper access control issue in NetScaler’s management interface that could lead to unauthorized access to certain files.

The three issues were resolved in NetScaler ADC and NetScaler Gateway versions 14.1-47.48, 13.1-59.22, 13.1-FIPS and 13.1-NDcPP 13.1-37.241, and 12.1-FIPS and 12.1-NDcPP 12.1-55.330.

In its advisory, Citrix warns that NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 have been discontinued and are no longer supported, urging users to migrate to a supported release as soon as possible.
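As an added example (not from the article or from Citrix), here is a small Python inventory check that classifies a NetScaler firmware string against the fixed builds listed above, treats the discontinued 12.1 and 13.0 standard branches as end-of-life, and flags appliances whose configuration falls into the affected set for CVE-2025-7775. The version-string format and the role labels are this example's own assumptions, not a Citrix format.

```python
import re

# Fixed builds from the Citrix advisory as quoted in the article,
# keyed by (release branch, variant). Variant "" is the standard build.
FIXED_BUILDS = {
    ("14.1", ""): (47, 48),
    ("13.1", ""): (59, 22),
    ("13.1", "FIPS"): (37, 241),
    ("13.1", "NDcPP"): (37, 241),
    ("12.1", "FIPS"): (55, 330),
    ("12.1", "NDcPP"): (55, 330),
}
# Branches the advisory lists as discontinued (standard builds only).
EOL_BRANCHES = {"12.1", "13.0"}

# Assumed inventory format (this example's own, not Citrix's):
# "<branch>-<build>[-<variant>]", e.g. "14.1-47.48" or "13.1-37.241-FIPS".
_VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)(?:-(FIPS|NDcPP))?$")

def parse_version(text: str):
    """Split a version string into (branch, (major, minor) build, variant)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    branch, major, minor, variant = m.groups()
    return branch, (int(major), int(minor)), variant or ""

def patch_status(version: str) -> str:
    """'patched', 'unpatched', 'end-of-life' (no fix will ship) or
    'unknown-branch' (not covered by the advisory text above)."""
    branch, build, variant = parse_version(version)
    fixed = FIXED_BUILDS.get((branch, variant))
    if fixed is None:
        return "end-of-life" if branch in EOL_BRANCHES else "unknown-branch"
    return "patched" if build >= fixed else "unpatched"

def exposed_to_cve_2025_7775(roles: set) -> bool:
    """True when the appliance matches one of the configurations the advisory
    lists as affected. The role labels are this example's own."""
    affected = {"gateway", "aaa-vserver", "cr-vserver-hdx", "ipv6-backend-binding"}
    return bool(roles & affected)

def triage(version: str, roles: set) -> str:
    """Priority label combining patch state and configuration exposure."""
    status = patch_status(version)
    if status == "patched":
        return "ok"
    if status == "unknown-branch":
        return "review"
    return "urgent" if exposed_to_cve_2025_7775(roles) else status
```

An unpatched or end-of-life appliance in an affected configuration comes back as "urgent"; an unrecognised string raises rather than silently passing.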
