Citrix has issued fixes for three security vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is currently being exploited.
The vulnerabilities in question are listed below:
By infosecbulletin
/ Sunday , July 12 2026
Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
By infosecbulletin
/ Sunday , July 12 2026
Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
By infosecbulletin
/ Sunday , July 12 2026
A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
By infosecbulletin
/ Saturday , July 11 2026
CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
By infosecbulletin
/ Friday , July 10 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
By infosecbulletin
/ Friday , July 10 2026
A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
By infosecbulletin
/ Thursday , July 9 2026
A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
By infosecbulletin
/ Wednesday , July 8 2026
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CVE-2025-7775 (CVSS score: 9.2): Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service
CVE-2025-7776 (CVSS score: 8.8): Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial-of-Service
CVE-2025-8424 (CVSS score: 8.7): Improper access control on the NetScaler Management Interface
The company acknowledged that “exploits of CVE-2025-7775 on unmitigated appliances have been observed,” but stopped short of sharing additional details.
The problems have been fixed in the following versions, with no workarounds available:
NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP
Identity Security Risk Assessment
Citrix thanks the researchers who identified the vulnerabilities.
CVE-2025-7775 is a newly exploited vulnerability in NetScaler ADC and Gateway, following CVE-2025-5777 (Citrix Bleed 2) and CVE-2025-6543.
The disclosure follows the addition of two Citrix Session Recording security flaws (CVE-2024-8068 and CVE-2024-8069) to the U.S. CISA’s Known Exploited Vulnerabilities catalog, indicating they are actively being exploited.
Docker Fixes Critical Desktop flaw With CVSS Score 9.3