CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 affecting Citrix Netscaler products

This section contains time sensitive announcements about specific cyber threats, vulnerabilities and scams. Each alert has information you need to be aware of, and what actions to take to mitigate any risk to you or your organisation.

Subscribe to our updates to be notified as soon as we publish an alert.

2:00pm, 28 August 2025

TLP Rating: Clear

CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 affecting Citrix Netscaler products

CVE-2025-7775 (CVSS 9.2) External Link : A memory overflow vulnerability that attackers could exploit for unintended control flow and denial of service. This vulnerability affects NetScaler products configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. The NCSC is aware of open-source reporting of this vulnerability.

CVE-2025-7776 (CVSS 8.8) External Link : A memory overflow vulnerability leading to unpredictable behaviour and denial of service. The vulnerability affects NetScaler products configured as Gateway with a bound PC over IP (PCoIP) profile.

CVE-2025-8424 (CVSS 8.7) External Link : Improper access control vulnerability affecting the NetScaler Management Interface. Requires an attacker to gain access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access.

What's happening

Systems affected

The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities:
  • NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-47.48
  • NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-59.22
  • NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.241-FIPS and NDcPP
  • NetScaler ADC 12.1-FIPS and NDcPP BEFORE 12.1-55.330-FIPS and NDcPP

What this means

Organisations who utilise affected NetScaler ADC and NetScaler Gateway versions could be vulnerable to the listed vulnerability.

What to look for

How to tell if you're at risk

If you are running a NetScaler ADC and NetScaler Gateway instance within the listed versions.

What to do

Prevention

Update to the latest version of NetScaler ADC and NetScaler Gateway.

More information

Read the vendor advisory. External Link

If you require more information or further support, submit a report on our website or contact us on 0800 114 115.

For media enquiries, email our media desk.