Citrix Fixed Three NetScaler Flaws, One of Them Actively Exploited in the Wild

Citrix has addressed three significant security flaws in its NetScaler ADC and NetScaler Gateway products, including one that has been actively exploited in the wild. The company took swift action to patch these vulnerabilities, which have been identified as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424.

The recently discovered vulnerability, CVE-2025-7775, was found to be actively exploited in the wild by attackers. According to Citrix's advisory, "Exploits of CVE-2025-7775 on unmitigated appliances have been observed." This alarming revelation highlights the urgent need for NetScaler ADC and NetScaler Gateway customers to update their systems as soon as possible.

The Vulnerabilities

Citrix did not provide any details about the attacks that exploited CVE-2025-7775. However, it is essential to note that installing the available updates will help mitigate security risks associated with these vulnerabilities. The recommended updates are:

• NetScaler ADC and NetScaler Gateway version 14.1-47.48+
• NetScaler Gateway version 13.1-59.22+
• NetScaler ADC version 13.1-FIPS/NDcPP
• NetScaler Gateway version 13.1-37.241+
• NetScaler ADC version 12.1-FIPS/NDcPP
• NetScaler Gateway version 12.1-55.330+

It is crucial to note that Citrix advises against any workarounds, emphasizing the importance of prompt updates to secure these products.

A Word from the Researchers

The vulnerabilities were reported by a team of researchers, including Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partnerfor, and François Hämmerli. Their diligent work in identifying and disclosing these security flaws is crucial to ensuring that users are protected from potential threats.

Stay vigilant, and follow us on Twitter (@securityaffairs), Facebook, and Mastodon for the latest security updates and news.