Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6543

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Published

2025-06-25T13:15:27.293

Last Modified

2025-07-01T18:19:45.547

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.236	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.236	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-59.19	Yes
Application	citrix	netscaler_application_delivery_controller	< 14.1-47.46	Yes
Application	citrix	netscaler_gateway	< 13.1-59.19	Yes
Application	citrix	netscaler_gateway	< 14.1-47.46	Yes

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 Vendor Advisory ([email protected])