CVSS v3.1 Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Prediction
Documented as more likely to be exploited than 86.4% of known CVEs.
Jun 30, 2025
Jul 21, 2025
Threat Analysis
Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Remediation Directive
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
External Intelligence
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
https://www.netscaler.com/blog/news/netscaler-critical-security-updates-for-cve-2025-6543-and-cve-2025-5777/
https://www.netscaler.com/blog/news/netscaler-critical-security-updates-for-cve-2025-6543-and-cve-2025-5777/
National Vulnerability Database
https://nvd.nist.gov/vuln/detail/CVE-2025-6543