Advisory 95: Multiple vulnerabilities impacting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products.
Release Date: 26th of August 2025
Impact: HIGH / CRITICAL
TLP Rating: Clear
CERT Vanuatu (CERTVU) and the Department of Communication and Digital Transformation (DCDT) provide the following advisory.
This alert is relevant to organizations that use the above products. It is intended to be understood by technical users and systems administrators.
What is it?
Multiple vulnerabilities impacting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products.
- CVE-2025-7775 (Critical) involves a memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service.
- CVE-2025-7776 (High) involves a memory overflow vulnerability leading to unpredictable or erroneous behaviour and Denial of Service.
- CVE-2025-8424 (High) involves improper access control on the NetScaler Management Interface.
What are the Systems affected?
The following versions of NetScaler ADC and NetScaler Gateway are affected.
- NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-47.48
- NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.24-FIPS and NDcPP
- NetScaler ADC 12.1-FIPS and NDcPP BEFORE 12.1-55.330-FIPS and NDcPP
Citrix reports active exploitation of these vulnerabilities has been observed.
What does this mean?
- CVE-2025-7775 (Critical) – Attackers can exploit a pre-auth memory overflow to run arbitrary code on the NetScaler or crash it, giving them remote access or causing a DoS (Denial of Service).
- CVE-2025-7776 (High) – Attackers can abuse a memory overflow in PCoIP Gateway setups to cause service crashes or erratic behaviour, disrupting remote desktop access.
- CVE-2025-8424 (High) – Attackers with access to management interfaces can bypass access controls and steal configs, escalate privileges, or abuse admin resources.
Mitigation process
CERT Vanuatu advises all System/Network Administrators/IT personnel in organizations to review their networks for the use of vulnerable instances of NetScaler Products.
The Citrix Security Bulletin should be consulted for advice on detecting and updating vulnerable instances of these products.
Additional details are also available in Citrix's security update announcement for NetScaler Gateway and NetScaler.
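One way to triage an appliance inventory against the fixed builds listed under "What are the Systems affected?" (an added example, not code from CERT Vanuatu or Citrix). It assumes build strings are recorded in the advisory's own notation, such as 14.1-47.48 or 13.1-37.24-FIPS; the host names and inventory are constructed, and any branch or edition not listed in this advisory is reported as "unlisted" rather than guessed.

```python
import re

# First fixed builds, copied from this advisory's affected-versions list.
# Key: (release branch, FIPS/NDcPP edition?) -> (build, sub-build).
FIXED_BUILDS = {
    ("14.1", False): (47, 48),
    ("13.1", True): (37, 24),
    ("12.1", True): (55, 330),
}

# Assumed notation: <branch>-<build>.<sub-build>[-FIPS|-NDcPP]
_VERSION_RE = re.compile(
    r"^\s*(?P<branch>\d+\.\d+)-(?P<build>\d+)\.(?P<sub>\d+)"
    r"(?:-(?P<edition>FIPS|NDcPP))?\s*$", re.IGNORECASE)

def classify(version):
    """Return 'vulnerable', 'fixed', 'unlisted' or 'unparsed'."""
    m = _VERSION_RE.match(version)
    if not m:
        return "unparsed"
    fixed = FIXED_BUILDS.get((m["branch"], m["edition"] is not None))
    if fixed is None:
        # Branch/edition not covered here: consult the vendor bulletin.
        return "unlisted"
    # Compare as integer tuples; as strings "47.5" would sort after "47.48".
    build = (int(m["build"]), int(m["sub"]))
    return "vulnerable" if build < fixed else "fixed"

def triage(inventory):
    """Group a {host: version} inventory by status."""
    report = {"vulnerable": [], "unlisted": [], "unparsed": [], "fixed": []}
    for host, version in sorted(inventory.items()):
        report[classify(version)].append(host)
    return report

# Constructed inventory for illustration (hypothetical hosts).
SAMPLE_INVENTORY = {
    "adc-edge-01": "14.1-47.5",
    "adc-edge-02": "14.1-47.48",
    "adc-fips-01": "12.1-55.329-NDcPP",
    "adc-fips-02": "13.1-37.24-FIPS",
    "adc-dmz-01": "13.1-58.32",
    "adc-lab-01": "unknown",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:10} {', '.join(hosts) or '-'}")
```

Hosts reported as "unlisted" or "unparsed" still need a manual check against the Citrix Security Bulletin.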
References
- https://www.cve.org/CVERecord?id=CVE-2025-7775
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938
- https://www.netscaler.com/blog/news/critical-security-update-announced-for-netscaler-gateway-and-netscaler/