Main Vulnerability Database SB2025062606

SB2025062606 - Remote denial of service in NetScaler Gateway and NetScaler ADC

Published: June 26, 2025

Security Bulletin ID SB2025062606

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2025-6543)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when handling incoming requests. A remote attacker can send specially crafted traffic to the server, trigger memory corruption and perform a denial of service (DoS) attack.

Successful exploitation of the vulnerability requires that NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install update from vendor's website.

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788