SB2025082719 - Multiple vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway
Published: August 27, 2025 Updated: January 9, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2025-7775)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note, the vulnerability is being exploited in the wild.2) Buffer overflow (CVE-ID: CVE-2025-7776)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption to cause unpredictable or erroneous behavior and perform a denial of service (DoS) attack.
3) Improper access control (CVE-ID: CVE-2025-8424)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the NetScaler Management Interface. A remote attacker on the local network can bypass implemented security restrictions and gain unauthorized access to the application.
Remediation
Install update from vendor's website.