
CVE-2025-6543

UNKNOWN
Published 2025-06-25T12:49:57.896Z

No CVSS data available

Description

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Available Exploits

No exploits available for this CVE.

Related News

CitrixBleed 2 might be actively exploited (CVE-2025-5777)

While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which have been pat…

Help Net Security 2025-06-30 12:36

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-6543 Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability. These types of vulnerabi…

Cisa.gov 2025-06-30 12:00

CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation

Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, including CVE-2025-5777 known as CitrixBleed 2. Background: Tenable’s Research Special Operations (RSO) team has compiled th…

Tenable.com 2025-06-27 21:11

Citrix Products Denial of Service Vulnerability

A vulnerability was identified in Citrix Products. A remote user can exploit this vulnerability to trigger denial of service condition on the targeted system. Note: CVE-2025-6543 is being exploited in the wild. Memory overflow vulnerability leading to un…

Hkcert.org 2025-06-26 01:00

Citrix warns of NetScaler vulnerability exploited in DoS attacks

Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition. [...]

BleepingComputer 2025-06-25 17:35

Affected Products

Known Exploited Vulnerability

This vulnerability is actively being exploited in the wild

Remediation Status

Overdue

Due Date

July 21, 2025

Added to KEV

June 30, 2025

Required Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Product

Vendor/Project: Citrix
Product: NetScaler ADC and Gateway

Ransomware Risk

Known Ransomware Use
KEV Catalog Version: 2025.06.30 Released: June 30, 2025

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

ENISA Analysis

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Affected Products (ENISA)

netscaler
adc

ENISA Scoring

CVSS Score (4.0)

9.2/10
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

EPSS Score

3.540
probability

Data provided by ENISA EU Vulnerability Database. Last updated: July 17, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-9gqr-6728-fpv3

Advisory Details

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Advisory provided by GitHub Security Advisory Database. Published: June 26, 2025, Modified: July 1, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

14 posts
Reddit 2 weeks, 5 days ago
systemtek-co-uk

Citrix NetScaler ADC and NetScaler Gateway Memory overflow vulnerability (CVE-2025-6543)

Reddit 2 weeks, 6 days ago
Sarunas

"Citrix" critical vulnerability ⚠️ **Important security news!** Citrix has released urgent updates to fix the critical vulnerability **CVE-2025-6543**. This memory overflow bug affects NetScaler ADC and Gateway versions. CVSS rating 9.2. We recommend updating systems immediately to protect against possible DoS attacks and other threats. Read: [https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html](https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html)

Reddit 3 weeks, 2 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (03/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-20309](https://nvd.nist.gov/vuln/detail/CVE-2025-20309)** - 📝 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log …

2
2.0
High Risk
Reddit 3 weeks, 3 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (02/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-6554](https://nvd.nist.gov/vuln/detail/CVE-2025-6554)** - 📝 Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) - …

2
2.0
High Risk
Reddit 3 weeks, 4 days ago
Steve_Dobbs_69

CVE-2025-6543: Critical Memory Overflow Vulnerability in NetScaler ADC and Gateway

Reddit 3 weeks, 4 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (01/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-32463](https://nvd.nist.gov/vuln/detail/CVE-2025-32463)** - 📝 Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. - 📅 **Published:** 30/06/2025 - 📈 …

1
1.0
High Risk
Reddit 3 weeks, 5 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (30/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-5263](https://nvd.nist.gov/vuln/detail/CVE-2025-5263)** - 📝 Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, …

1
1.0
High Risk
Reddit 3 weeks, 6 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (29/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-1974](https://nvd.nist.gov/vuln/detail/CVE-2025-1974)** - 📝 A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context …

1
1.0
High Risk
Reddit 4 weeks ago
crstux
Exploit

🔥 Top 10 Trending CVEs (28/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-3699](https://nvd.nist.gov/vuln/detail/CVE-2025-3699)** - 📝 Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G-50 Version 3.37 and prior, G-50-W Version 3.37 and prior, G-50A Version 3.37 and prior, GB-50 Version 3.37 …

1
1.0
High Risk
Reddit 4 weeks, 1 day ago
crstux
Exploit

🔥 Top 10 Trending CVEs (27/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-20282](https://nvd.nist.gov/vuln/detail/CVE-2025-20282)** - 📝 A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then …

1
1.0
High Risk

References

Published: 2025-06-25T12:49:57.896Z
Last Modified: 2025-07-17T03:55:32.218Z