Citrix Product Security Update Advisory

Overview

 

We have released security updates to fix vulnerabilities in Citrix products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-7776, CVE-2025-8424

 

NetScaler ADC Versions: 14.1-47.48 and earlier
NetScaler ADC Versions: 13.1-59.22 and earlier
NetScaler ADC Version: 13.1-37.241 – Less than FIPS
NetScaler ADC version: 12.1-55.330 – less than FIPS
NetScaler ADC version: below 13.1-NDcPP
NetScaler ADC version: less than 12.1-NDcPP
NetScaler Gateway version: less than 14.1-47.48
NetScaler Gateway version: below 13.1-59.22

 

 

Resolved Vulnerabilities

 

Memory Overflow Vulnerability in NetScaler ADC and NetScaler Gateway (CVE-2025-7776)
Improper Access Control Vulnerability in NetScaler ADC and NetScaler Gateway

 

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-7776, CVE-2025-8424

 

NetScaler ADC Version: 14.1-47.48
NetScaler ADC version: 13.1-59.22
NetScaler ADC Version: 13.1-37.241-FIPS
NetScaler ADC Version: 12.1-55.330-FIPS
NetScaler ADC Version: 13.1-NDcPP
NetScaler ADC Version: 12.1-NDcPP
NetScaler Gateway Version: 14.1-47.48
NetScaler Gateway Version : 13.1-59.22

 

 

References

 

[1] NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938