CVE-2025-6543

Summary

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Affected Software

VendorProductVersion RangeStatus
NetScalerADC14.1 < 47.46affected
NetScalerADC13.1 < 59.19affected
NetScalerADC13.1 FIPS and NDcPP < 37.236affected
NetScalerGateway14.1 < 47.46affected
NetScalerGateway13.1 < 59.19affected
NetScalerGateway13.1 FIPS and NDcPP < 37.236affected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References