Citrix NetScaler Critical Vulnerability - 20250626001¶
Overview¶
Citrix has published a security bulletin relating to vulnerabilities discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
Exploitation of the vulnerability could result in denial-of-service and unintended control flow on gateway-configured NetScaler appliances
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| NetScaler ADC | - 14.1 prior to 14.1-47.46 - 13.1 prior to 13.1-59.19 - 13.1-FIPS and NDcPP prior to 13.1-37.236-FIPS and NDcPP |
CVE-2025-6543 | 9.2 | Critical |
| NetScaler Gateway | - 14.1 prior to 14.1-47.46 - 13.1 prior to 13.1-59.19 |
CVE-2025-6543 |
9.2 | Critical |
What has been observed?¶
The WA SOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):