CVE-2025-6543 affecting Citrix Netscaler products

CVE-2025-6543 (CVSS 9.2): A memory overflow defect that attackers could exploit for unintended control flow and denial of service. This vulnerability affects NetScaler products configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

There is open-source reporting of active exploitation of this vulnerability.

What’s happening

Systems affected

The following supported versions of NetScaler ADC and NetScaler Gateway are affected by this vulnerability:

  • NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-47.46
  • NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-59.19
  • NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.236-FIPS and NDcPP
  • NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 (end-of-life)

Key Point: These fixed versions differ from those listed in the earlier advisories on CVE-2025-5777 and CVE-2025-5349.

What this means

Organisations that run an affected NetScaler ADC or NetScaler Gateway version could be exposed to the listed vulnerability.

What to look for

How to tell if you’re at risk

You are at risk if you are running a NetScaler ADC or NetScaler Gateway instance on one of the listed versions, that is, any build below the stated fixed build for its branch, or any build of the end-of-life 12.1 and 13.0 branches.
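The version boundaries above can be checked mechanically. The following is an added example, not code from the advisory or from Citrix; it assumes the version string is given either in the advisory's own "14.1-47.46" notation or in the "NS14.1: Build 47.46.nc" form the appliance CLI prints, and treats a "FIPS" or "NDcPP" marker anywhere in the string as selecting the 13.1-FIPS/NDcPP branch.

```python
import re
from typing import Optional, Tuple

# First fixed build per supported branch, as listed in the advisory above.
FIXED_BUILDS = {
    "14.1": (47, 46),
    "13.1": (59, 19),
    "13.1-FIPS": (37, 236),   # covers both the FIPS and the NDcPP builds
}
# Branches the advisory lists as end-of-life: every build is affected.
END_OF_LIFE = {"12.1", "13.0"}

# Assumed input formats (not part of the advisory): the advisory's own
# "14.1-47.46" notation and the "NS14.1: Build 47.46.nc" form printed by
# the appliance CLI.
_VERSION_RE = re.compile(
    r"(?:NS)?(?P<branch>\d+\.\d+)[:\s-]+(?:Build\s+)?(?P<major>\d+)\.(?P<minor>\d+)"
)


def parse_version(text: str) -> Optional[Tuple[str, int, int, bool]]:
    """Return (branch, build_major, build_minor, is_fips) or None if unparsable."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    is_fips = bool(re.search(r"FIPS|NDcPP", text, re.IGNORECASE))
    return m.group("branch"), int(m.group("major")), int(m.group("minor")), is_fips


def assess(text: str) -> str:
    """Classify a reported version as affected, fixed, end-of-life or unknown."""
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"
    branch, major, minor, is_fips = parsed
    if branch in END_OF_LIFE:
        return "end-of-life"
    fixed = FIXED_BUILDS.get(f"{branch}-FIPS" if is_fips else branch)
    if fixed is None:
        return "unknown"
    # Builds strictly below the fixed build fall in the advisory's "BEFORE" range.
    return "affected" if (major, minor) < fixed else "fixed"


if __name__ == "__main__":
    # Constructed sample inputs, one per branch named in the advisory.
    for sample in ("14.1-47.45", "NS14.1: Build 47.46.nc", "13.1-37.236-FIPS",
                   "NS13.1: Build 37.200.nc (NDcPP)", "13.0-92.21"):
        print(f"{sample:35} -> {assess(sample)}")
```

Feed it the version string from each appliance in an inventory and treat anything other than "fixed" as requiring action.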

What to do

Prevention

Update to the latest version of NetScaler ADC and NetScaler Gateway.

More information

Vendor Advisory

Citrix Support
