CVE-2025-6543 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-06-25

Added to CISA KEV: 2025-06-30 5 DAYS BETWEEN CVE AND KEV

⚠️ CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review logs, check for unauthorized access, verify system integrity before patching
CRITICAL: Apply patches immediately - NetScaler 14.1-47.46+, 13.1-59.19+, or 13.1 FIPS/NDcPP-37.236+
Implement emergency network segmentation if patching cannot be completed immediately
Monitor NetScaler logs for suspicious client certificate activity and memory-related crashes
Review and harden NetScaler configurations, particularly Gateway and AAA virtual server settings

NVD - CVE-2025-6543
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway.
CVE-2025-6543 - Vulnerability Details - OpenCVE
CVE-2025-6543 - Memory overflow vulnerability leading to unintended control flow and Denial of Service. Sign in.Netscaler Application Delivery Controller.
Citrix forgot to tell you CVE-2025–6543 has been used as a zero ...
CVE-2025–6543 is a vulnerability which allows an attacker to supply a client certificate, which overwrites memory. This then allows code ...
CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and ...
Zero day exploitation in the wild of NetScaler ADC and NetScaler Gateway has been disclosed, due to a new vulnerability CVE-2025-6543.
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE ...
Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches.

🔴 CVE-2025-6543