Situation
Citrix disclosed CVE-2025-6543, a critical memory overflow vulnerability in NetScaler ADC and NetScaler Gateway that is reachable when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server.
Key Points:
- An unauthenticated remote attacker can trigger the overflow; Citrix describes the impact as unintended control flow and denial of service, so a crash is certain and code execution cannot be ruled out.
- Exploited in the wild: CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on June 30, 2025.
- Affects the 14.1 and 13.1 branches as well as the 13.1 FIPS/NDcPP builds.
- Exposed NetScaler endpoints can therefore be knocked offline or, in the worst case, taken over.
Mitigation:
- Patch immediately. The fixed builds named by Citrix are 14.1-47.46 and 13.1-59.19; the FIPS/NDcPP fixed build and any other affected releases are listed in the Citrix advisory.
- For HA pairs and clusters: once every appliance has been upgraded to a fixed build, terminate the sessions that were established on the old build by running
    kill icaconnection -all
    kill pcoipConnection -all
  on the NetScaler CLI. Running them before the upgrade does not help, since new sessions would simply be created on the still-vulnerable build.
- Review VPN/Gateway logs and traffic from June 15 onward for anomalies, since exploitation predates the public disclosure.
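The first mitigation step is a version check, and getting it wrong is easy: the 13.1 FIPS/NDcPP line uses a different build numbering than mainline 13.1, so a plain numeric comparison against 13.1-59.19 misjudges a FIPS appliance. The following is an added example, not code from the page or from Citrix, that parses the first line of `show ns version` and compares it against the fixed builds. The 14.1 and 13.1 values are the ones stated on this page; the 13.1-FIPS/NDcPP value (37.236) is taken from the Citrix advisory and should be verified there. The sample version lines are constructed for the example, and the `fips` flag is an assumption because the version line alone does not reveal whether the appliance is a FIPS build.

```python
"""Check a NetScaler ADC/Gateway version string against the CVE-2025-6543 fixed builds.

Added example; not part of the original page or of Citrix's tooling.
"""
import re
from dataclasses import dataclass

# Minimum fixed build per (branch, is_fips). 14.1 and 13.1 come from this page;
# the FIPS/NDcPP value is from the Citrix advisory (assumption: verify against the advisory).
FIXED_BUILDS = {
    ("14.1", False): (47, 46),   # 14.1-47.46
    ("13.1", False): (59, 19),   # 13.1-59.19
    ("13.1", True):  (37, 236),  # 13.1-37.236-FIPS / NDcPP
}

# First line of `show ns version` looks like "NetScaler NS14.1: Build 47.46.nc, Date: ...".
# Only the branch (14.1) and the build (47.46) matter for the comparison.
VERSION_RE = re.compile(r"NetScaler NS(?P<branch>\d+\.\d+): Build (?P<build>\d+\.\d+)")


@dataclass
class Assessment:
    branch: str
    build: tuple
    status: str   # "patched", "vulnerable" or "unknown"
    detail: str


def parse_version(line):
    """Return (branch, (build_major, build_minor)) or None if the line is not a version line."""
    match = VERSION_RE.search(line)
    if not match:
        return None
    major, minor = match.group("build").split(".")
    return match.group("branch"), (int(major), int(minor))


def assess(line, fips=False):
    """Compare a `show ns version` line against the fixed-build table.

    `fips` must be supplied by the operator (assumption): the version string itself
    does not say whether the appliance runs the FIPS/NDcPP line, and using the
    mainline 13.1 threshold on a FIPS box gives the wrong answer.
    """
    parsed = parse_version(line)
    if parsed is None:
        return Assessment("?", (), "unknown", "could not parse a NetScaler version string")
    branch, build = parsed
    fixed = FIXED_BUILDS.get((branch, fips))
    if fixed is None:
        # 12.1 and 13.0 (and anything else not listed) are not covered by this table;
        # treat them as needing attention rather than silently passing them.
        return Assessment(branch, build, "unknown",
                          f"branch {branch} not in the fixed-build table; consult the Citrix advisory")
    # Tuple comparison handles builds such as 47.46 vs 43.56 correctly (47 > 43 wins),
    # where a string or float comparison would not.
    if build >= fixed:
        return Assessment(branch, build, "patched", f"build {build} >= fixed {fixed}")
    return Assessment(branch, build, "vulnerable", f"build {build} < fixed {fixed}; upgrade required")


if __name__ == "__main__":
    # Constructed sample output lines; not captured from real appliances.
    samples = [
        ("NetScaler NS14.1: Build 47.46.nc", False),
        ("NetScaler NS14.1: Build 43.56.nc", False),
        ("NetScaler NS13.1: Build 58.32.nc", False),
        ("NetScaler NS13.1: Build 37.236.nc", True),
        ("NetScaler NS13.0: Build 92.21.nc", False),
    ]
    for line, is_fips in samples:
        result = assess(line, fips=is_fips)
        print(f"{line:40} fips={is_fips!s:5} -> {result.status:10} ({result.detail})")
```

Feed it the first line of `show ns version` from each appliance in the HA pair or cluster; every member must report `patched` before the session-kill step above is meaningful.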