Security Advisory

Citrix Product Security Update Advisory

  • Jul 29 2025
Citrix Product Security Update Advisory

Overview

 

We have released security updates to fix vulnerabilities in Citrix products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-6759

 

Citrix Virtual Apps and Desktops Versions: Less than 2503
Citrix Virtual Apps and Desktops Versions: 2402 LTSR and earlier
Citrix Virtual Apps and Desktops Version: 2402 LTSR CU2

 

CVE-2025-5349

 

NetScaler ADC and NetScaler Gateway 14.1 Version: 14.1-43.56 and earlier
NetScaler ADC and NetScaler Gateway 13.1 Version: less than 13.1-58.32
NetScaler ADC 13.1-FIPS Version: 13.1-37.235-FIPS or less
NetScaler ADC 13.1-NDcPP Versions: 13.1-37.235-NDcPP and below
NetScaler ADC 12.1 – FIPS Version: 12.1-55.328 – less than FIPS

 

 

Resolved Vulnerabilities

 

Elevation of privilege vulnerability in Citrix Virtual Apps and Desktops (CVE-2025-6759)

Improper Access Restriction Vulnerability in NetScaler ADC and NetScaler Gateway (CVE-2025-5349)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-6759

 

Citrix Virtual Apps and Desktops versions: 2503 and later
Citrix Virtual Apps and Desktops Version: 2402 LTSR CU1 Update 1 [2]
Citrix Virtual Apps and Desktops Version: 2402 LTSR CU2 Update 1 [3]

 

CVE-2025-5349

 

NetScaler ADC and NetScaler Gateway 14.1 Version: 14.1-43.56 or later
NetScaler ADC and NetScaler Gateway 13.1 Version: 13.1-58.32 and later
NetScaler ADC 13.1-FIPS Version: 13.1-37.235-FIPS or higher
NetScaler ADC 13.1-NDcPP Version: 13.1-37.235-NDcPP or later
NetScaler ADC 12.1-FIPS Version: 12.1-55.328-FIPS or higher

 

 

References

 

[1] Windows Virtual Delivery Agent for CVAD and Citrix DaaS Security Bulletin CVE-2025-6759
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694820
[2] Citrix Virtual Apps and Desktops 2402 LTSR CU1 Update 1 – For Single Session VDA Only
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694848
[3] Citrix Virtual Apps and Desktops 2402 LTSR CU2 Update 1 – For Single Session VDA Only
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694849

[4] NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-5349 and CVE-2025-5777
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420

Tags:
Previous Post

Next Post