MS-ISAC consultancy number:
2025-060
Published date (s):
06/27/2025
PREVIEW:
Several vulnerabilities have been discovered in Citrix products, the most serious of which could allow the disclosure of sensitive data. CITRIX ADC performs a specific traffic analysis to distribute, optimize and secure layer of layer of layer 7 for web applications. The successful exploitation of the most serious of these vulnerabilities could allow memory memory, leading to the disclosure of potentially sensitive information such as authenticated session tokens. According to sensitive information recovered via this technique, the attacker can access the device or systems more.
Threat intelligence:
There is currently no report on exploited vulnerabilities.
Affected systems:
- NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-43.56
- NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-58.32
- NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.235-FIPS and NDcPP
- NetScaler ADC 12.1-FIPS BEFORE 12.1-55.328-FIPS
Large and medium government entities
Small government
Large and medium business entities
Small business entities
