Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7776

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it

Published

2025-08-26T13:15:33.193

Last Modified

2025-09-03T17:38:30.300

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	citrix	netscaler_application_delivery_controller	< 12.1-55.330	Yes
Application	citrix	netscaler_application_delivery_controller	< 12.1-55.330	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.241	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.241	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-59.22	Yes
Application	citrix	netscaler_application_delivery_controller	< 14.1-47.48	Yes
Application	citrix	netscaler_gateway	< 13.1-59.22	Yes
Application	citrix	netscaler_gateway	< 14.1-47.48	Yes

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 Vendor Advisory ([email protected])