CVE-2025-6543NVD

Vulnerability Summary

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Severity Level

CRITICAL(9.2)

Published Date

Jun 25, 2025

Last Modified

Jul 1, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-119: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityHigh

Privileges RequiredNone

User InteractionNone

External References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788

Critical Alert

CVE Watchtower

CVE-2025-6543NVD

Vulnerability Summary

External References