Wiz
Database delle vulnerabilitàCVE-2025-6543

CVE-2025-6543
Citrix ADC VPX Analisi e mitigazione delle vulnerabilità

Panoramica

CVE-2025-6543 is a critical memory overflow vulnerability affecting NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. The vulnerability was discovered and disclosed on June 25, 2025, with a CVSS score of 9.2 (Critical). The affected versions include NetScaler ADC and NetScaler Gateway 14.1 prior to 14.1-47.46, 13.1 prior to 13.1-59.19, and NetScaler ADC 13.1-FIPS and NDcPP prior to 13.1-37.236 (NVD, Hacker News).

Dettagli tecnici

The vulnerability is characterized as a memory overflow condition that leads to unintended control flow and denial-of-service. It requires no user interaction or privileges for exploitation, with high impact ratings for all three vulnerable system metrics: Confidentiality, Integrity, and Availability. The CVSS v4.0 vector string is CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L, indicating its critical severity (Rapid7, NVD).

Impatto

The vulnerability can result in unintended control flow and denial-of-service in affected systems. The high CVSS score and impact metrics suggest potential for remote code execution (RCE) capabilities. The vulnerability affects systems configured as either Gateway or AAA virtual server, which is a common configuration in production environments (Rapid7).

Mitigazione e soluzioni alternative

Cloud Software Group has released patches for affected versions: NetScaler ADC and NetScaler Gateway 14.1 should update to version 14.1-47.46 or above, version 13.1 should update to 13.1-59.19 or above. For FIPS and NDcPP versions, customers must contact NetScaler support directly for appropriate updates. Versions 12.1 and 13.0, being End of Life (EOL), will not receive patches and users are urged to upgrade to supported versions (Hacker News).

Reazioni della comunità

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-6543 to their Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch agencies to apply fixes by July 21, 2025. Security researchers have emphasized the critical nature of this vulnerability, particularly due to its active exploitation status (Rapid7).

Risorse aggiuntive

FonteQuesto report è stato generato utilizzando l'intelligenza artificiale

Imparentato Citrix ADC VPX Vulnerabilità:

CVE ID

Severità

Punteggio

Tecnologie

Nome del componente

Exploit CISA KEV

Ha la correzione

Data di pubblicazione

CVE-2025-5777CRITICAL9.3
  • Citrix ADC VPXCitrix ADC VPX
  • cpe:2.3:a:citrix:netscaler_application_delivery_controller
Jun 17, 2025
CVE-2025-7775CRITICAL9.2
  • Citrix ADC VPXCitrix ADC VPX
  • cpe:2.3:a:citrix:netscaler_application_delivery_controller
Aug 26, 2025
CVE-2025-6543CRITICAL9.2
  • Citrix ADC VPXCitrix ADC VPX
  • cpe:2.3:a:citrix:netscaler_application_delivery_controller
Jun 25, 2025
CVE-2025-7776HIGH8.8
  • Citrix ADC VPXCitrix ADC VPX
  • cpe:2.3:a:citrix:netscaler_application_delivery_controller
NoAug 26, 2025
CVE-2025-8424HIGH8.7
  • Citrix ADC VPXCitrix ADC VPX
  • cpe:2.3:a:citrix:netscaler_application_delivery_controller
NoAug 26, 2025

Valutazione gratuita delle vulnerabilità

Benchmark della tua posizione di sicurezza del cloud

Valuta le tue pratiche di sicurezza cloud in 9 domini di sicurezza per confrontare il tuo livello di rischio e identificare le lacune nelle tue difese.

Richiedi valutazione

Ulteriori risorse Wiz

PEACH

PEACH

Un framework di isolamento del tenant

Richiedi una demo personalizzata

Pronti a vedere Wiz in azione?

"La migliore esperienza utente che abbia mai visto offre piena visibilità ai carichi di lavoro cloud."
David EstlickCISO (CISO)
"Wiz fornisce un unico pannello di controllo per vedere cosa sta succedendo nei nostri ambienti cloud."
Adam FletcherResponsabile della sicurezza
"Sappiamo che se Wiz identifica qualcosa come critico, in realtà lo è."
Greg PoniatowskiResponsabile della gestione delle minacce e delle vulnerabilità
Richiedi una demo