CISA Adds Citrix NetScaler Flaw to Known Exploited Vulnerabilities Catalog
TL;DR
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Citrix NetScaler vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. This memory overflow flaw, tracked as CVE-2025-6543, affects multiple versions of NetScaler ADC and NetScaler Gateway, posing significant risks including unintended control flow and Denial of Service (DoS). Federal agencies are ordered to fix the vulnerability by July 21, 2025, and private organizations are advised to review and address the issue promptly.
U.S. CISA Adds Critical Citrix NetScaler Vulnerability to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Citrix NetScaler vulnerability, tracked as CVE-2025-6543, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, with a CVSS score of 9.2, is a memory overflow issue affecting NetScaler ADC and NetScaler Gateway when configured as a Gateway or AAA virtual server.
Vulnerability Details
The flaw, described as a “memory overflow vulnerability leading to unintended control flow and Denial of Service,” impacts the following supported versions:
- NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.236-FIPS and NDcPP
- NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-47.46
- NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-59.19
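The version list above is what an operator has to compare an inventory against, and the affected-configuration note (Gateway or AAA virtual server) decides how urgent each hit is. The following Python script is an added example written for this article, not Citrix's or CISA's tooling: it parses NetScaler build strings in the `MAJOR.MINOR-BUILD.SUB` form, compares each appliance against the fixed build for its branch, and flags the role. The fixed builds are the three listed above; the function names, the `fips_ndcpp` flag used to tell the 13.1-FIPS/NDcPP branch apart from mainline 13.1, and the sample inventory are assumptions constructed for the example.

```python
"""
Inventory triage for CVE-2025-6543 (memory overflow in NetScaler ADC / Gateway).

Fixed builds are the ones the article lists from Citrix's advisory:
  NetScaler ADC 13.1-FIPS / NDcPP      -> fixed in 13.1-37.236
  NetScaler ADC / Gateway 14.1         -> fixed in 14.1-47.46
  NetScaler ADC / Gateway 13.1         -> fixed in 13.1-59.19
The advisory text also says the flaw applies when the appliance is configured
as a Gateway or AAA virtual server, so the role is part of the triage.

Everything else (function names, the 'MAJOR.MINOR-BUILD.SUB' build-string shape,
the fips_ndcpp flag, the sample inventory) is an assumption made for this example.
"""
import re
from typing import Iterable, List, NamedTuple, Optional, Tuple

# (release branch, is FIPS/NDcPP build) -> first fixed build, taken from the article
FIXED_BUILDS = {
    ("13.1", True): "13.1-37.236",
    ("14.1", False): "14.1-47.46",
    ("13.1", False): "13.1-59.19",
}

# Roles the advisory names as the affected configurations
AFFECTED_ROLES = {"gateway", "aaa"}

_BUILD_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")


class Finding(NamedTuple):
    host: str
    version: str
    status: str   # "affected" | "patched" | "role_not_affected" | "unlisted"
    reason: str


def parse_build(version: str) -> Tuple[int, int, int, int]:
    """Turn '14.1-47.46' into (14, 1, 47, 46) so builds compare numerically."""
    m = _BUILD_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler build string: {version!r}")
    major, minor, build, sub = (int(x) for x in m.groups())
    return (major, minor, build, sub)


def is_below_fixed(version: str, fips_ndcpp: bool = False) -> Optional[bool]:
    """
    Compare a build against the fixed build for its branch.
    Returns True/False, or None when the branch is not covered by the advisory list.
    """
    major, minor, _, _ = parse_build(version)
    fixed = FIXED_BUILDS.get((f"{major}.{minor}", fips_ndcpp))
    if fixed is None:
        return None
    return parse_build(version) < parse_build(fixed)


def triage(inventory: Iterable[dict]) -> List[Finding]:
    """Classify each appliance record: {"host", "version", "roles", "fips_ndcpp"}."""
    findings = []
    for rec in inventory:
        host, version = rec["host"], rec["version"]
        fips = bool(rec.get("fips_ndcpp", False))
        roles = {r.lower() for r in rec.get("roles", [])}
        below = is_below_fixed(version, fips)
        if below is None:
            findings.append(Finding(host, version, "unlisted",
                                    "release branch not in the advisory list; review manually"))
        elif not below:
            findings.append(Finding(host, version, "patched",
                                    "build is at or above the fixed build"))
        elif roles & AFFECTED_ROLES:
            findings.append(Finding(host, version, "affected",
                                    f"below fixed build and serving {sorted(roles & AFFECTED_ROLES)}"))
        else:
            findings.append(Finding(host, version, "role_not_affected",
                                    "below fixed build but not configured as Gateway/AAA; patch anyway"))
    return findings


# Constructed sample inventory (hostnames and builds invented for this example)
SAMPLE_INVENTORY = [
    {"host": "ns-gw-01", "version": "14.1-43.50", "roles": ["gateway", "lb"]},
    {"host": "ns-gw-02", "version": "14.1-47.46", "roles": ["gateway"]},
    {"host": "ns-lb-03", "version": "13.1-55.30", "roles": ["lb"]},
    {"host": "ns-fips-04", "version": "13.1-37.200", "roles": ["aaa"], "fips_ndcpp": True},
    {"host": "ns-old-05", "version": "12.1-65.25", "roles": ["gateway"]},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.host:12} {f.version:12} {f.status:18} {f.reason}")
```

The `fips_ndcpp` flag matters because a 13.1-FIPS appliance at build 13.1-37.236 is patched while a mainline 13.1 appliance at the same number is well below its own fixed build of 13.1-59.19; the two branches must not be compared with one threshold. A release branch that is not in the list (12.1 in the sample) is reported as "unlisted" rather than "patched" so it is reviewed by hand instead of silently passing.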
Impact and Mitigation
This vulnerability can lead to unintended control flow and potentially cause a Denial of Service (DoS), disrupting service availability. According to the Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must address the identified vulnerabilities by the due date to protect their networks against attacks exploiting these flaws.
CISA has ordered federal agencies to fix the vulnerabilities by July 21, 2025. Private organizations are also strongly advised to review the KEV catalog and address the vulnerabilities in their infrastructure.
Previous Citrix NetScaler Vulnerabilities
In January 2024, CISA had already added two other vulnerabilities affecting Citrix NetScaler to the KEV catalog:
- CVE-2023-6548 – Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability.
- CVE-2023-6549 – Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability.
Citrix has warned customers to install security updates to address these actively exploited zero-day vulnerabilities.
Expert Recommendations
Citrix strongly urges affected customers to install the relevant updated versions as soon as possible to mitigate risks.
Conclusion
The addition of CVE-2025-6543 to CISA’s KEV catalog underscores the urgent need for both federal agencies and private organizations to address this critical vulnerability. Prompt action is essential to prevent potential exploits and ensure the security of affected systems.