Vulnerabilities
Vulnerable Software
Citrix:  Security Vulnerabilities
CVE-2025-6543
Known exploited
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
CVSS Score
9.2
EPSS Score
0.098
Published
2025-06-25
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows
CVSS Score
7.3
EPSS Score
0.001
Published
2025-06-17
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows
CVSS Score
8.6
EPSS Score
0.001
Published
2025-06-17
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway
CVSS Score
8.7
EPSS Score
0.037
Published
2025-06-17
CVE-2025-5777
Known exploited
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
CVSS Score
9.3
EPSS Score
0.999
Published
2025-06-17
Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)
CVSS Score
6.9
EPSS Score
0.075
Published
2025-06-17
An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac
CVSS Score
5.9
EPSS Score
0.002
Published
2025-02-20
An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac
CVSS Score
5.9
EPSS Score
0.002
Published
2025-02-20
Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.
CVSS Score
8.8
EPSS Score
0.119
Published
2025-02-20
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
CVSS Score
5.8
EPSS Score
0.004
Published
2024-11-12


Contact Us

Shodan ® - All rights reserved