- NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
- NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
- NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
- NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP
Citrix bleeding
As NetScaler customers will already be painfully aware, these are not the first serious vulnerabilities to affect the company’s NetScaler ADC and NetScaler Gateway appliances during 2025.
In June, the company patched CVE-2025-5349 and CVE-2025-5777, the latter a flaw in NetScaler ADC and Gateway devices significant enough for researcher Beaumont to give it a nickname, “Citrix Bleed 2”. The US Cybersecurity and Infrastructure Security Agency (CISA) later added this to its database of flaws known to be under active exploitation. (The original “Citrix Bleed” flaw, CVE-2023-4966, affected NetScaler ADC and NetScaler Gateway in 2023.)
Meanwhile, it emerged that a second flaw patched days after that, CVE-2025-6543, might also be under active exploitation. This was confirmed in August by the Dutch National Cyber Security Centre (NCSC-NL), which reported that CVE-2025-6543 had been used to target organizations in the country since at least May.