U.S. CISA Adds Citrix NetScaler Flaw to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken a proactive step in safeguarding the nation's networks by adding a critical vulnerability in Citrix NetScaler to its Known Exploited Vulnerabilities (KEV) catalog. This move comes as Citrix recently addressed three security flaws in their ADC and Gateway products, with one of them, CVE-2025-7775, having been actively exploited in the wild.
A Proactive Measure for Network Security
CISA's addition of this vulnerability to its KEV catalog is a testament to the agency's commitment to protecting federal networks from known exploitation. By making this information available to the public, CISA aims to ensure that organizations take prompt action to patch these vulnerabilities and mitigate potential security risks.
The Flaw: A Critical Security Risk
CVE-2025-7775 is a critical flaw in Citrix NetScaler that has been actively exploited by attackers. While details about the attacks are scarce, it's clear that this vulnerability poses a significant risk to organizations that use Citrix NetScaler ADC and Gateway. The company has urged customers to update their systems with secure versions to mitigate these risks.
The Importance of Updates
The vendor recommends installing updates to secure versions 14.1-47.48+, 13.1-59.22+, 13.1-FIPS/NDcPP 13.1-37.241+, and 12.1-FIPS/NDcPP 12.1-55.330+ to patch this vulnerability. These updates are critical in protecting networks against attacks exploiting this flaw.
A Call to Action
CISA has issued a binding operational directive (BOD) that requires federal agencies to address the identified vulnerabilities by August 28, 2025. Meanwhile, experts recommend that private organizations review their infrastructure and patch these vulnerabilities promptly to prevent potential security breaches.
Conclusion
The addition of Citrix NetScaler's CVE-2025-7775 flaw to CISA's KEV catalog highlights the agency's dedication to keeping federal networks safe from known exploitation. By taking proactive measures, organizations can protect themselves against this critical vulnerability and ensure their networks remain secure.
Stay informed about the latest cybersecurity news by following me on Twitter (@securityaffairs), Facebook, and Mastodon.