Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and released security updates that fix the flaws. The vulnerabilities The three fixed vulnerabilities are: CVE-2025-7775: A memory overflow vulnerability leading to pre-auth remote code execution (RCE) and/or denial of service (DoS) CVE-2025-7776: A memory overflow … More
The post NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) appeared first on Help Net Security.
