InfoSecBulletin Cybersecurity for mankind
Citrix has issued fixes for three security vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is currently being exploited.
The vulnerabilities in question are listed below:
Hacker claim to breach Link3; 189,000 Users data up for sale
Check Point Hosts “Securing the Hyperconnected World in the AI Era” in Dhaka
Microsoft Confirms 900+ XSS Vulns Found in IT Services
Daily Security Update Dated : 15.09.2025
IBM QRadar SIEM Vuln Let Attackers Perform Unauthorized Actions
Major Australian Banks using Army of AI Bots to Scam Scammers
F5 to acquire CalypsoAI for $180M for Advanced AI Security Capabilities
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Attacks
CVE-2025-21043
Samsung Patched Critical Zero-Day Flaw Exploited in Android Attacks
Albania appoints world’s first AI minister, “Diella” to Tackle Corruption
CVE-2025-7775 (CVSS score: 9.2): Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service
CVE-2025-7776 (CVSS score: 8.8): Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial-of-Service
CVE-2025-8424 (CVSS score: 8.7): Improper access control on the NetScaler Management Interface
The company acknowledged that “exploits of CVE-2025-7775 on unmitigated appliances have been observed,” but stopped short of sharing additional details.
The problems have been fixed in the following versions, with no workarounds available:
NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP
Identity Security Risk Assessment
Citrix thanks the researchers who identified the vulnerabilities.
CVE-2025-7775 is a newly exploited vulnerability in NetScaler ADC and Gateway, following CVE-2025-5777 (Citrix Bleed 2) and CVE-2025-6543.
The disclosure follows the addition of two Citrix Session Recording security flaws (CVE-2024-8068 and CVE-2024-8069) to the U.S. CISA’s Known Exploited Vulnerabilities catalog, indicating they are actively being exploited.
