CVE-2025-7776

Summary

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it

Affected Software

VendorProductVersion RangeStatus
NetScalerADC14.1 < 47.48affected
NetScalerADC13.1 < 59.22affected
NetScalerADC13.1 FIPS and NDcPP < 37.241affected
NetScalerADC12.1 FIPS and NDcPP < 55.330affected
NetScalerGateway14.1 < 47.48affected
NetScalerGateway13.1 < 59.22affected
NetScalerGateway13.1 FIPS and NDcPP < 37.241affected
NetScalerGateway12.1 FIPS and NDcPP < 55.330affected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References