Date: 2025-08-28

More than 28,200 Citrix NetScaler ADC and Gateway instances could be compromised in ongoing intrusions exploiting the critical memory overflow vulnerability, tracked as CVE-2025-7775, which could result in denial-of-service or remote code execution, Security Affairs reports.
The U.S. accounted for the largest number of unpatched Citrix NetScaler instances, at over 10,000, followed by Germany, the UK, the Netherlands, and Switzerland, according to the Shadowserver Foundation. These findings come as the Cybersecurity and Infrastructure Security Agency included the security issue in its Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the flaw by August 28. Citrix has also addressed a pair of high-severity NetScaler ADC and Gateway bugs: the memory overflow defect, tracked as CVE-2025-7776, which could be leveraged to enable DoS, and the improper access control issue, tracked as CVE-2025-8424, which could be harnessed to compromise the management interface.
