Citrix Products Denial of Service Vulnerability

Release Date: 26 Jun 2025

RISK: High Risk

TYPE: Operating Systems - Networks OS

A vulnerability was identified in Citrix Products. A remote user can exploit this vulnerability to trigger denial of service condition on the targeted system.

 

Note:

CVE-2025-6543 is being exploited in the wild. Memory overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. Hence, the risk level is rated as High Risk.

---

Impact

• Denial of Service

---

System / Technologies affected

• NetScaler ADC and NetScaler Gateway 14.1 before  14.1-47.46
• NetScaler ADC and NetScaler Gateway 13.1  before  13.1-59.19
• NetScaler ADC 13.1-FIPS and NDcPP  before 13.1-37.236-FIPS and NDcPP

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788

---

Vulnerability Identifier

• CVE-2025-6543

---

Source

• Citrix

---

Related Link

• https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788