Overview
- CVE-2025-7775 (CVSS 9.2) enables pre-auth remote code execution or denial of service, while CVE-2025-7776 (8.8) and CVE-2025-7776 (8.7) involve memory overflow and improper management interface access control.
- Citrix says there are no effective workarounds and urges upgrades to 14.1-47.48+, 13.1-59.22+, 13.1-FIPS/NDcPP 13.1-37.241+, and 12.1-FIPS/NDcPP 12.1-55.330+.
- Researchers report CVE-2025-7775 is being used to drop webshells and backdoors on unpatched appliances, prompting calls for incident response and compromise hunting after updates.
- CISA added CVE-2025-7775 to its Known Exploited Vulnerabilities catalog, increasing remediation urgency for federal agencies and raising compliance pressure on other organizations.
- Citrix notes older NetScaler versions 12.1 and 13.0 are end of life with no security fixes, Secure Private Access on-prem and hybrid deployments are affected, and this marks the third actively exploited NetScaler zero-day disclosed since June.
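Because the fixed builds differ per branch and the FIPS/NDcPP builds have their own thresholds, checking a fleet by eye is error-prone. The following is an added example, not code from Citrix or from this summary: it classifies a NetScaler version string against the fixed builds and end-of-life branches listed above. It assumes versions are written either in the advisory form `14.1-47.48` or in the `NS14.1: Build 47.48.nc` form; any other format is reported as unknown rather than guessed at, and a 14.1 FIPS build is also reported as unknown because no threshold for it appears on the page.

```python
import re

# Minimum fixed builds per (branch, is_fips_or_ndcpp), taken from the Citrix
# guidance summarised above. Values are (build, minor) tuples.
FIXED_BUILDS = {
    ("14.1", False): (47, 48),
    ("13.1", False): (59, 22),
    ("13.1", True): (37, 241),   # 13.1-FIPS / NDcPP
    ("12.1", True): (55, 330),   # 12.1-FIPS / NDcPP
}

# Branches the page says are end of life with no security fixes.
# 12.1 is only EOL for the non-FIPS build; 12.1-FIPS/NDcPP has a fix.
EOL_BRANCHES = {"13.0", "12.1"}

# Assumed formats: "14.1-47.48" (advisory style) or "NS14.1: Build 47.48.nc"
# (appliance style). The non-digit run between branch and build absorbs
# either the "-" or the ": Build " separator.
VERSION_RE = re.compile(r"(?:NS)?(?P<branch>\d+\.\d+)\D+(?P<build>\d+)\.(?P<minor>\d+)")


def parse_version(text):
    """Return (branch, build, minor, is_fips) or None if the string is unparseable."""
    match = VERSION_RE.search(text)
    if not match:
        return None
    lowered = text.lower()
    is_fips = "fips" in lowered or "ndcpp" in lowered
    return (match.group("branch"), int(match.group("build")),
            int(match.group("minor")), is_fips)


def assess(text):
    """Classify a version as 'fixed', 'vulnerable', 'eol' or 'unknown'."""
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"
    branch, build, minor, is_fips = parsed

    # EOL check first: a 13.0 build, or a non-FIPS 12.1 build, has no fix to reach.
    if branch in EOL_BRANCHES and not (branch == "12.1" and is_fips):
        return "eol"

    threshold = FIXED_BUILDS.get((branch, is_fips))
    if threshold is None:
        # Branch/build-type combination not covered by the page (e.g. 14.1 FIPS).
        return "unknown"
    return "fixed" if (build, minor) >= threshold else "vulnerable"


def triage(versions):
    """Group a list of version strings by status, for a quick fleet report."""
    report = {"fixed": [], "vulnerable": [], "eol": [], "unknown": []}
    for v in versions:
        report[assess(v)].append(v)
    return report


if __name__ == "__main__":
    # Constructed sample inventory, not real appliances.
    sample = [
        "14.1-47.48", "14.1-43.50", "13.1-58.32",
        "13.1-37.241 FIPS", "12.1-55.330 NDcPP",
        "12.1-65.40", "13.0-92.21", "NetScaler NS14.1: Build 47.48.nc",
    ]
    for status, items in triage(sample).items():
        print(f"{status:11s} {items}")
```

Appliances in the `vulnerable` and `eol` buckets need more than an upgrade: since the page reports webshells and backdoors being dropped on unpatched systems, they should also be handed to incident response for compromise hunting after the update.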