Essential Vulnerabilities in NetScaler ADC & Gateway – CVE-2025-5349


Cloud Software Group Issues Security Advisory for Vulnerabilities in NetScaler Products

Cloud Software Group has recently issued a significant security bulletin concerning two newly discovered vulnerabilities, CVE-2025-5349 and CVE-2025-5777. These issues affect both NetScaler ADC (formerly known as Citrix ADC) and NetScaler Gateway (previously Citrix Gateway), posing a serious risk to users of these software products.

Overview of the Vulnerabilities

CVE-2025-5349: Improper Access Control

The first vulnerability, CVE-2025-5349, has been identified as an improper access control issue impacting the NetScaler Management Interface. If exploited, this flaw could allow unauthorized users to gain elevated access simply by connecting through the Network Services IP (NSIP), Cluster Management IP, or local GSLB Site IP. This vulnerability has been classified under the Common Weakness Enumeration (CWE) as CWE-284 and carries a high severity rating, with a CVSS v4.0 base score of 8.7.

CVE-2025-5777: Insufficient Input Validation

The second vulnerability, CVE-2025-5777, arises from insufficient input validation, leading to a memory overread condition. This vulnerability can only be exploited when the NetScaler is configured as a Gateway—that includes VPN virtual servers, ICA Proxy, CVPN, RDP Proxy, or AAA virtual servers. It falls under CWE-125, known as Out-of-bounds Read, and is considered even more critical, with a CVSS v4.0 base score of 9.3.

Affected Versions of NetScaler Software

Cloud Software Group has released a list of affected versions for both NetScaler ADC and NetScaler Gateway:

  • NetScaler ADC and NetScaler Gateway Version 14.1 prior to 14.1-43.56
  • NetScaler ADC and NetScaler Gateway Version 13.1 prior to 13.1-58.32
  • NetScaler ADC 13.1-FIPS and 13.1-NDcPP prior to builds 13.1-37.235-FIPS and 13.1-37.235-NDcPP
  • NetScaler ADC 12.1-FIPS before build 12.1-55.328-FIPS

It’s essential for users to note that versions 12.1 and 13.0 have reached their End of Life (EOL), meaning they are no longer supported. These versions remain vulnerable to both CVE-2025-5349 and CVE-2025-5777. Users running these outdated builds are strongly encouraged to upgrade to supported versions immediately.

Furthermore, organizations utilizing Secure Private Access in on-premises or hybrid deployments must also update their NetScaler instances to the specified secure builds for protection against these vulnerabilities.

To effectively address these vulnerabilities, Cloud Software Group recommends that customers upgrade to the following versions:

  • NetScaler ADC and NetScaler Gateway 14.1-43.56 or later
  • NetScaler ADC and NetScaler Gateway 13.1-58.32 or later
  • NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.235 or later
  • NetScaler ADC 12.1-FIPS 12.1-55.328 or later
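The two lists above translate directly into an inventory check. The following is an added example, not code from the advisory or from Cloud Software Group; it assumes build strings in the "train-build[-variant]" form used above (for example 14.1-43.56 or 13.1-37.235-FIPS) and treats 12.1 (non-FIPS) and 13.0 as EOL with no fixed build.

```python
"""Classify NetScaler ADC/Gateway build strings against the fixed builds
named in the CVE-2025-5349 / CVE-2025-5777 advisory (added example)."""
import re
from typing import Dict, Iterable, Tuple

# Minimum fixed build per (release train, image variant), from the advisory lists.
FIXED_BUILDS = {
    ("14.1", ""): (43, 56),
    ("13.1", ""): (58, 32),
    ("13.1", "FIPS"): (37, 235),
    ("13.1", "NDCPP"): (37, 235),
    ("12.1", "FIPS"): (55, 328),
}
# Trains that are End of Life: still vulnerable, and no fixed build will ship.
EOL_TRAINS = {"12.1", "13.0"}

# "<major>.<minor>-<a>.<b>[-<variant>]", e.g. "13.1-37.235-FIPS"
_BUILD_RE = re.compile(
    r"^(?P<train>\d+\.\d+)-(?P<a>\d+)\.(?P<b>\d+)(?:-(?P<variant>[A-Za-z]+))?$"
)

def parse_build(version: str) -> Tuple[str, Tuple[int, int], str]:
    """Split a build string into (train, (a, b), VARIANT); VARIANT is '' for standard images."""
    m = _BUILD_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler build string: {version!r}")
    return m["train"], (int(m["a"]), int(m["b"])), (m["variant"] or "").upper()

def assess(version: str) -> str:
    """Return 'fixed', 'vulnerable', 'eol' or 'unknown' for one build string."""
    train, build, variant = parse_build(version)
    key = (train, variant)
    if key in FIXED_BUILDS:            # supported train: compare against the fixed build
        return "fixed" if build >= FIXED_BUILDS[key] else "vulnerable"
    if train in EOL_TRAINS:            # EOL train (or EOL variant): upgrade path only
        return "eol"
    return "unknown"                   # train not covered by this advisory's data

def assess_inventory(rows: Iterable[Tuple[str, str]]) -> Dict[str, str]:
    """Map appliance name -> status for an iterable of (name, build) pairs."""
    return {name: assess(build) for name, build in rows}

if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts and builds).
    sample = [("adc-dc1", "14.1-43.50"), ("gw-dc1", "13.1-58.32"),
              ("adc-fips", "13.1-37.235-FIPS"), ("legacy-gw", "13.0-92.21")]
    for host, status in assess_inventory(sample).items():
        print(f"{host}: {status}")
```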

After performing the upgrade, administrators should terminate all active ICA and PCoIP sessions with the following commands, so that sessions established on a vulnerable build do not persist after the fix:

```bash
kill icaconnection -all
kill pcoipConnection -all
```

These commands should only be executed after confirming that all appliances within an HA pair or cluster have been fully updated to secure builds.

It’s important to mention that these vulnerabilities specifically impact customer-managed instances of Citrix ADC and Citrix Gateway. Organizations using Citrix-managed cloud services or Citrix Adaptive Authentication are not required to take any action, as Cloud Software Group manages all necessary updates in those environments.

Acknowledgments and Industry Collaboration

In this advisory, Cloud Software Group extends its gratitude to Positive Technologies and ITA MOD CERT (CERTDIFESA) for their collaborative efforts in responsibly identifying and disclosing these vulnerabilities. Such cooperation has been essential in facilitating a timely and effective response to safeguard end-users.

Given the severity of CVE-2025-5349 and CVE-2025-5777, organizations that rely on NetScaler ADC and NetScaler Gateway must prioritize their updates. With one vulnerability permitting elevated access and the other enabling potential memory exploits, the risk of unauthorized control over affected systems is significant. Upgrading to the latest supported versions is not just advisable but crucial for maintaining a secure infrastructure.
