Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.
The vulnerabilities in question are listed below:
CVE-2025-7775 (CVSS score: 9.2) - Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service
CVE-2025-7776 (CVSS score: 8.8) - Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial-of-Service
CVE-2025-8424 (CVSS score: 8.7) - Improper access control on the NetScaler Management Interface
The company acknowledged that "exploits of CVE-2025-7775 on unmitigated appliances have been observed," but stopped short of sharing additional details.
However, for the flaws to be exploited, there are a number of prereq