Memory Overflow Vulnerability Affecting NetScaler ADC and NetScaler Gateway by Citrix
CVE-2025-7775

9.2CRITICAL

Key Information:

Vendor

Netscaler
Status
Adc
Gateway
Vendor
CVE Published:
26 August 2025

Badges

🥇 Trended No. 1📈 Trended📈 Score: 9,070👾 Exploit Exists🟣 EPSS 16%🦅 CISA Reported📰 News Worthy

What is CVE-2025-7775?

CVE-2025-7775 is a memory overflow vulnerability discovered in the NetScaler ADC and NetScaler Gateway products developed by Citrix. These products are designed to provide application delivery and load balancing, as well as secure remote access through VPN services. The vulnerability primarily affects configurations where NetScaler is utilized as a gateway for various protocols, such as VPN virtual servers, RDP Proxy, and others.

When exploited, CVE-2025-7775 can lead to Remote Code Execution (RCE) or Denial of Service (DoS), potentially allowing attackers to execute arbitrary code on affected systems or disrupt services entirely. This poses a significant risk, especially in enterprise environments where NetScaler products are critical for maintaining secure and efficient access to applications and services.

Potential impact of CVE-2025-7775

  1. Remote Code Execution (RCE): The vulnerability could allow an attacker to execute arbitrary code on the system, gaining unauthorized control and potentially leading to further infiltration of the organization’s network.

  2. Denial of Service (DoS): Exploiting this vulnerability could result in the unavailability of crucial services, significantly impacting business operations and reducing productivity.

  3. Data Compromise: Given the nature of the applications serviced by NetScaler products, successful exploitation could expose sensitive data to unauthorized individuals, leading to potential data breaches and compliance violations.

CISA has reported CVE-2025-7775

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-7775 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

ADC 14.1 < 47.48

ADC 13.1 < 59.22

ADC 13.1 FIPS and NDcPP < 37.241

News Articles

favicon imageBleepingComputer

Hackers use new HexStrike-AI tool to rapidly exploit n-day flaws

Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit newly disclosed n-day flaws.

favicon imageBleepingComputer

Over 28,000 Citrix devices vulnerable to new exploited RCE flaw

More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild.

favicon imageBleepingComputer

Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks

Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability.

References

https://support.citrix.com/support-home/kbsearch/article?...

EPSS Score

16% chance of being exploited in the next 30 days.

CVSS V4

Score:
9.2
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🥇

    Vulnerability reached the number 1 worldwide trending spot

  • 📈

    Vulnerability started trending

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • 📰

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

JSON
.