CVE-2025-8424NVD

Vulnerability Summary

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access

Severity Level

HIGH(8.7)

Published Date

Aug 26, 2025

Last Modified

Aug 29, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-1284: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorAdjacent

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

External References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938

Critical Alert

CVE Watchtower

CVE-2025-8424NVD

Vulnerability Summary

External References