Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-8534

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled

Published

2024-11-12T19:15:18.907

Last Modified

2025-07-25T18:42:21.863

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Secondary
CWE-119
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	citrix	netscaler_application_delivery_controller	< 12.1-55.321	Yes
Application	citrix	netscaler_application_delivery_controller	< 12.1-55.321	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-55.34	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.207	Yes
Application	citrix	netscaler_application_delivery_controller	< 14.1-29.72	Yes
Application	citrix	netscaler_gateway	< 13.1-55.34	Yes
Application	citrix	netscaler_gateway	< 14.1-29.72	Yes

References

https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US Vendor Advisory ([email protected])