Netscaler (Citrix) Vulnerabilities 08/2025
Our experts keep you up-to-date on critical cyber threats (CVEs)
Citrix has reported three serious vulnerabilities in Netscaler. VanRoey is proactively rolling out the update to protect customers immediately and mitigate the impact.
Netscaler (Citrix) Vulnerabilities 08/2025
Citrix (and Netscaler) reported the following CVEs on 26/08:
- CVE-2025-7775: Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service
- CVE-2025-7776: Memory overflow vulnerability leading to unpredictable or erroneous behaviour and Denial of Service
- CVE-2025-8424: Improper access control on the NetScaler Management Interface
Take action
What does VanRoey do?
All our impacted customers who enjoy our Managed Services need take no further action as VanRoey has already proactively taken the necessary steps here.
All other customers can contact VanRoey at support@vanroey.be if they want help.
Further input from Citrix and Netscaler:
"Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions as soon as possible.
- NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
- NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
- NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
- NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP
Note: NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 are now End Of Life (EOL) and no longer supported. Customers are recommended to upgrade their appliances to one of the supported versions that address the vulnerabilities. "
Can't create tickets? Ask here to get an account. If our Engineer needs to remotely control your PC, he or she will ask you to run this software .
