Citrix has issued a critical advisory for CVE-2025-6543, a memory overflow vulnerability that impacts NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). According to Citrix, successful exploitation of this flaw could result in unintended control flow and denial of service, potentially crippling enterprise environments dependent on these platforms for secure application delivery and remote access.
Citrix has assigned the vulnerability a CVSS v4.0 Base Score of 9.2, categorizing it as Critical. Memory overflow issues are especially dangerous as they can lead to arbitrary code execution, service crashes, or compromise of system integrity.
“Exploits of CVE-2025-6543 on unmitigated appliances have been observed,” the advisory warns.
The vulnerability affects the following supported product versions:
- NetScaler ADC and Gateway 14.1 before 14.1-47.46
- NetScaler ADC and Gateway 13.1 before 13.1-59.19
- NetScaler ADC 13.1-FIPS and NDcPP before 13.1-37.236
Older versions such as 13.0 and 12.1 are considered End of Life (EOL) and also vulnerable, with no patch support available. Citrix emphasizes:
“Customers are recommended to upgrade their appliances to one of the supported versions that address the vulnerabilities.”
Citrix, under the Cloud Software Group, strongly urges customers to apply the following updates immediately:
- NetScaler ADC and Gateway 14.1-47.46 or later
- NetScaler ADC and Gateway 13.1-59.19 or later
- NetScaler ADC 13.1-FIPS/NDcPP 13.1-37.236 or later
Customers requiring the FIPS or NDcPP builds must contact Citrix support at https://support.citrix.com.
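To turn the version boundaries above into something an asset-inventory or patch-compliance script can evaluate, the following added example (not Citrix's code, and not part of the original advisory) parses NetScaler build strings of the form `major.minor-build.patch` and classifies each appliance as fixed, vulnerable, or End of Life against the thresholds the advisory states. The hostnames, the inventory list, and the non-fixed build numbers are constructed for illustration; only the fixed-build thresholds and EOL trains come from the advisory.

```python
import re

# Fixed builds from the Citrix advisory for CVE-2025-6543.
# Key: (release train, edition) -> first build that carries the fix.
# The "fips" edition covers both 13.1-FIPS and 13.1-NDcPP, which share the 13.1-37.236 fix.
FIXED_BUILDS = {
    ("14.1", "standard"): (47, 46),
    ("13.1", "standard"): (59, 19),
    ("13.1", "fips"): (37, 236),
}

# Release trains the advisory calls End of Life: vulnerable, and no fix is available.
EOL_TRAINS = {"13.0", "12.1"}

# Assumed format: "<major>.<minor>-<build>.<patch>", e.g. "14.1-47.46".
VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def parse_version(version: str):
    """Split a NetScaler build string into (train, (build, patch)), e.g. ('14.1', (47, 46))."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler version string: {version!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def assess(version: str, fips_or_ndcpp: bool = False) -> str:
    """Return 'eol', 'vulnerable', 'fixed', or 'unknown-train' for one appliance build."""
    train, build = parse_version(version)
    if train in EOL_TRAINS:
        return "eol"
    edition = "fips" if fips_or_ndcpp else "standard"
    fixed = FIXED_BUILDS.get((train, edition))
    if fixed is None:
        # Train not named in the advisory: do not guess, flag for manual review.
        return "unknown-train"
    # Tuple comparison orders (build, patch) numerically, so 47.46 >= 47.46 but 43.50 < 47.46.
    return "fixed" if build >= fixed else "vulnerable"


def triage(inventory):
    """Assess (hostname, version, is_fips_or_ndcpp) records; returns {hostname: status}."""
    return {host: assess(ver, fips) for host, ver, fips in inventory}


# Constructed sample inventory; hostnames and the unpatched build numbers are made up.
SAMPLE_INVENTORY = [
    ("gw-1.example", "14.1-47.46", False),      # exactly the fixed build
    ("gw-2.example", "14.1-43.50", False),      # older 14.1 build, still exposed
    ("adc-fips.example", "13.1-37.235", True),  # FIPS build one patch short of the fix
    ("adc-old.example", "13.0-92.21", False),   # EOL train, no fix available
    ("adc-3.example", "13.1-59.19", False),     # exactly the fixed 13.1 build
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:20} {status}")
```

The FIPS/NDcPP flag matters: a 13.1-FIPS appliance at 13.1-37.236 evaluated against the standard 13.1 threshold would be misreported as vulnerable, so the script keys the threshold on edition as well as train. Builds on trains the advisory does not mention are reported as `unknown-train` rather than silently treated as safe.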