CVE-2025-6543β€”Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability

PUBLISHEDvulnerability record
2025-06-30 Β· last modified June 30, 2025

Metadata

CVE ID:
CVE-2025-6543
Project:
Citrix
Product:
NetScaler ADC and Gateway
Date Added:
2025-06-30
Due Date:
2025-07-21
Last Updated:
June 30, 2025

Vulnerability Name

Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability

Description

Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses