Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XCitrix Netscaler Application Delivery Controller
APPCitrix13.1 – 13.1-37.236 (bez)13.1 – 13.1-59.19 (bez)14.1 – 14.1-47.46 (bez)Citrix Netscaler Gateway
APPCitrix13.1 – 13.1-59.19 (bez)14.1 – 14.1-47.46 (bez)
CISA KEV — detailsi
- Vendori
- Citrix ↗
- Producti
- NetScaler ADC and Gateway
- Added to KEVi
- June 30, 2025
- Remediation deadline (US Federal)i
- July 21, 2025(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Related vulnerabilities
Citrix NetScaler ADC/Gateway — memory overread przez SAML IDP
Przepełnienie pamięci w Citrix NetScaler ADC i Gateway — RCE/DoS
CitrixBleed 2 — memory overread w Citrix NetScaler ADC i Gateway
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virt...
Unauthenticated remote code execution