1.0 Introduction
Recently, Citrix has released security updates to address a critical severity vulnerability in NetScaler ADC and NetScaler Gateway.
2.0 Impact
This vulnerability could lead to memory overflow, allowing attackers to manipulate control flow and cause a denial-of-service condition on affected systems configured as Gateway or AAA virtual servers.
3.0 Affected Products
- NetScaler ADC and NetScaler Gateway prior to 14.1 - 47.46
- NetScaler ADC and NetScaler Gateway prior to 13.1 - 59.19
- NetScaler ADC 13.1-FIPS and NDcPP versions prior to 13.1 - 37.236-FIPS and NDcPP
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review the
Netscaler Security Bulletin
and apply the necessary updates.
Kindly refer to the following URLs for more information:
Generally, we advise the users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact the Cyber999 Incident Response Team through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web:
https://www.cybersecurity.my
5.0 References
- https://support.citrix.com/support-home/topic-article-list?trendingCategory=20&trendingTopicName=Security%20Bulletin
- https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788&articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_6543
- https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788