CVE-2025-6543
Citrix NetScaler ADC and Gateway Unauthenticated Remote Code Execution and Denial of Service Vulnerability
Description
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
INFO
Published Date :
June 25, 2025, 1:15 p.m.
Last Modified :
June 25, 2025, 1:15 p.m.
Source :
[email protected]
Remotely Exploitable :
No
Impact Score :
Exploitability Score :
Affected Products
The following products are affected by CVE-2025-6543
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
No affected product recoded yet
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-6543.
| URL | Resource |
|---|---|
| https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-6543 vulnerability anywhere in the article.
-
The Register
Citrix bleeds again: This time a zero-day exploited - patch now
Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued ... Read more
-
BleepingComputer
Citrix warns of NetScaler vulnerability exploited in DoS attacks
Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition. "Exploits of CV ... Read more
-
The Hacker News
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
Vulnerability / Network Security Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE- ... Read more
-
Cyber Security News
Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild
Cloud Software Group has issued an urgent security advisory warning customers about a critical memory overflow vulnerability in NetScaler ADC and Gateway products, which could enable denial-of-service ... Read more
The following table lists the changes that have been made to the
CVE-2025-6543 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by [email protected]
Jun. 25, 2025
Action Type Old Value New Value Added Description Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server Added CVSS V4.0 AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Added CWE CWE-119 Added Reference https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-6543 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-6543
weaknesses.