Cloud Vulnerability DB
Eine von der Community geführte Datenbank für Schwachstellen
Datenbank der SchwachstelleCVE-2025-7775
CVE-2025-7775:
Citrix ADC VPX Schwachstellenanalyse und -minderung
Überblick
On August 26, 2025, a critical memory overflow vulnerability (CVE-2025-7775) was discovered in Citrix NetScaler ADC and NetScaler Gateway. The vulnerability affects NetScaler appliances configured as Gateway or AAA virtual servers, certain Load Balancing (LB) virtual servers bound to IPv6 or DBS IPv6 services, and CR virtual servers of type HDX. The vulnerability has received a CVSS v4.0 score of 9.2 (Critical) and CVSS v3.1 score of 9.8 (Critical) (NVD, Arctic Wolf).
Technische Details
CVE-2025-7775 is a memory overflow vulnerability (CWE-119) that could lead to Remote Code Execution (RCE) and/or Denial of Service (DoS) when exploited. The vulnerability specifically affects systems when NetScaler is configured in specific ways, including Gateway configurations (VPN virtual server, ICA Proxy, CVPN, RDP Proxy), AAA virtual servers, or LB virtual servers of type HTTP, SSL, or HTTP_QUIC bound with IPv6 services (Hacker News).
Aufprall
The vulnerability can result in Remote Code Execution and/or Denial of Service in affected systems. Public reports indicate that exploitation has led to dropped web shells on unpatched appliances. Given Citrix NetScaler's historical targeting by threat actors and the critical nature of this vulnerability, widespread exploitation is likely (Arctic Wolf).
Risikominderung und Problemumgehungen
Citrix has released fixes for affected versions and strongly recommends upgrading to the following versions: NetScaler ADC and Gateway 14.1-47.48 and later releases, 13.1-59.22 and later releases of 13.1, NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases, and NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases. No workarounds are available for this vulnerability (Citrix Advisory).
Reaktionen der Community
CISA has mandated Federal Civilian Executive Branch (FCEB) agencies to remediate the vulnerability by August 28, 2025, within 48 hours of its addition to the KEV catalog. The cybersecurity community has noted this as particularly concerning given Citrix NetScaler's history as an attractive target for threat actors (CISA).
Zusätzliche Ressourcen
Quelle: Dieser Bericht wurde mithilfe von KI erstellt
Verwandt Citrix ADC VPX Schwachstellen:
Kostenlose Schwachstellenbewertung
Benchmarking Ihrer Cloud-Sicherheitslage
Bewerten Sie Ihre Cloud-Sicherheitspraktiken in 9 Sicherheitsbereichen, um Ihr Risikoniveau zu bewerten und Lücken in Ihren Abwehrmaßnahmen zu identifizieren.
Zusätzliche Wiz-Ressourcen
Eine personalisierte Demo anfordern
Sind Sie bereit, Wiz in Aktion zu sehen?
"Die beste Benutzererfahrung, die ich je gesehen habe, bietet vollständige Transparenz für Cloud-Workloads."
David EstlickCISO
"„Wiz bietet eine zentrale Oberfläche, um zu sehen, was in unseren Cloud-Umgebungen vor sich geht.“ "
Adam FletcherSicherheitsbeauftragter
"„Wir wissen, dass, wenn Wiz etwas als kritisch identifiziert, es auch tatsächlich ist.“"
Greg PoniatowskiLeiter Bedrohungs- und Schwachstellenmanagement