Citrix NetScaler ADC and Gateway are being actively targeted by hackers. The exploited vulnerability is being patched along with two others in an urgently needed update.
Citrix warns of three critical vulnerabilities in NetScaler ADC and NetScaler Gateway. One of them is already being actively exploited. Users need to update as soon as possible.
The security issues are registered as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424.
- CVE-2025-7775 involves a memory overflow error that can lead to remote code execution or a denial of service. This vulnerability has a score of 9.2 and is currently being actively exploited.
- CVE-2025-7776 is another memory issue that can cause erratic behavior or a denial of service. This bug has a score of 8.8.
- CVE-2025-8424 concerns an access control error on the management interface, with a score of 8.7.
The vulnerabilities affect NetScaler ADC and NetScaler Gateway 14.1 before version 14.1-47.48 and 13.1 before version 13.1-59.22. FIPS and NDcPP versions of 12.1 and 13.1 are also affected. On-premises and hybrid Secure Private Access installations using NetScaler are vulnerable. Citrix’s managed cloud services have already been updated by parent company Cloud Software Group.
Quick update
Cloud Software Group strongly advises affected customers to upgrade. The following software versions are safe:
- NetScaler ADC and Gateway 14.1-47.48 and newer
- NetScaler ADC and Gateway 13.1-59.22 and newer
- NetScaler ADC 13.1-FIPS and NDcPP from 13.1-37.241
- NetScaler ADC 12.1-FIPS and NDcPP from 12.1-55.330
Versions 12.1 and 13.0 are now end-of-life and no longer receive support. Users of these versions must migrate to a supported version. Those who don’t risk being targeted by hackers actively exploiting the bug.
There are no temporary workarounds for these vulnerabilities. Only installing the correct software update protects systems. Because attacks are already taking place, administrators need to act quickly.
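To check an appliance inventory against the fixed builds listed above, the following added example (not Citrix or Cloud Software Group code) classifies each build string. The hostnames, sample builds, the "NS14.1: Build 47.48.nc" banner layout and the edition labels are assumptions; the edition has to be supplied by the caller, because a patched FIPS build such as 13.1-37.241 is numerically lower than the standard 13.1 fix.

```python
import re

# Fixed builds as listed in the article, keyed by (edition, release branch).
# "fips" stands for the FIPS and NDcPP editions; the caller supplies the
# edition because the build number alone does not identify it.
FIXED = {
    ("standard", (14, 1)): (47, 48),
    ("standard", (13, 1)): (59, 22),
    ("fips", (13, 1)): (37, 241),
    ("fips", (12, 1)): (55, 330),
}
# Branches the article names as end-of-life: migrate, no fix is coming.
EOL = {(12, 1), (13, 0)}
# Accepts "14.1-47.48" and the banner form "NS14.1: Build 47.48.nc"
# (banner layout is an assumption; adjust the pattern to your inventory).
_VERSION = re.compile(r"(\d+)\.(\d+)(?:-|:\s*Build\s+)(\d+)\.(\d+)")

def classify(version, edition="standard"):
    """Return 'patched', 'vulnerable', 'end-of-life' or 'not-listed'."""
    m = _VERSION.search(version)
    if m is None:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, b1, b2 = map(int, m.groups())
    fixed = FIXED.get((edition, (major, minor)))
    if fixed is not None:
        # Tuple comparison orders builds numerically: (47, 5) < (47, 48).
        return "patched" if (b1, b2) >= fixed else "vulnerable"
    if edition == "standard" and (major, minor) in EOL:
        return "end-of-life"
    return "not-listed"

def needs_action(inventory):
    """Map host -> status for every appliance that is not 'patched'."""
    statuses = {host: classify(ver, ed) for host, ver, ed in inventory}
    return {h: s for h, s in statuses.items() if s != "patched"}

# Constructed inventory (hostnames and builds are sample values).
SAMPLE = [
    ("adc-edge-01", "14.1-47.48", "standard"),
    ("adc-edge-02", "NS14.1: Build 43.56.nc", "standard"),
    ("adc-fips-01", "13.1-37.241", "fips"),
    ("adc-legacy", "13.0-92.31", "standard"),
]

if __name__ == "__main__":
    print(needs_action(SAMPLE))
```

A result of "not-listed" means the article gives no fixed build for that edition and branch, so the vendor bulletin has to be consulted for it.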
Citrix Bleed
Citrix customers have their hands full this summer. Earlier, security researchers discovered a bug dubbed Citrix Bleed 2 affecting NetScaler ADC and Gateway. That vulnerability was also patched, but again not before hackers actively began exploiting it.
