CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jul 21, 2025
High
CISA KEVCVE-2025-6543
Citrix—NetScaler ADC and Gateway
Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Required Action
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 ; https://www.netscaler.com/blog/news/netscaler-critical-security-updates-for-cve-2025-6543-and-cve-2025-5777/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-6543
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Jun 30, 2025
- KEV Added
- Jun 30, 2025
- Due Date
- Jul 21, 2025
- Related Articles
- 0
Vendor
Citrix
NetScaler ADC and Gateway