CVE-2025-7776

Published Aug 26, 2025

Last updated 21 days ago

CVSS high 8.8

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-7776 is a memory overflow vulnerability that affects NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with a PCoIP Profile. This vulnerability is classified as CWE-119, which is an improper restriction of operations within the bounds of a memory buffer. The vulnerability can be triggered by an attacker, leading to unpredictable or erroneous behavior, including a Denial of Service (DoS). No authentication or user interaction is required to exploit this vulnerability.

Description
Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
Source
secure@citrix.com
NVD status
Analyzed
Products
netscaler_application_delivery_controller, netscaler_gateway

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.8
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

secure@citrix.com
CWE-119

Social media

Hype score
Not currently trending

  1. Threat actors are exploiting the Hexstrike-AI framework, which automates zero-day exploits in under ten minutes, particularly targeting Citrix vulnerabilities CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424. https://t.co/lIqKSO4xRi

    @securityRSS

    3 Sept 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ⚠️Vulnerabilidad en Dell iDRACService Module ❗CVE-2025-38743 ❗CVE-2025-7776 ➡️Más info: https://t.co/WMRHnJy2js https://t.co/Fm4PjVX75o

    @CERTpy

    1 Sept 2025

    112 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️Múltiples vulnerabilidades en productos Citrix ❗CVE-2025-7775 ❗CVE-2025-7776 ❗CVE-2025-8424 ➡️Más info: https://t.co/XqXUNphoCB https://t.co/W8pqfuEJMT

    @CERTpy

    29 Aug 2025

    216 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ Weekly vuln radar. https://t.co/Cd6L8ACyLV – spot what’s trending before it’s everywhere: CVE-2025-53770 CVE-2025-43300 CVE-2025-5777 CVE-2024-21887 CVE-2023-46604 (@ThreatBookLabs) CVE-2025-7776 CVE-2025-54309 CVE-2025-7775 CVE-2025-53771 https://t.co/q4Rx5wWFSt

    @ptdbugs

    29 Aug 2025

    286 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 39 seconds. That’s all it takes NodeZero to prove you're exploitable via CVE-2025-7776, a Citrix NetScaler memory corruption vulnerability — initially discovered by our Attack Team's Jimi Sebree. This flaw has the potential for serious disruption and compromise.

    @Horizon3ai

    29 Aug 2025

    64035 Impressions

    3 Retweets

    13 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  6. ⏱️ 39 seconds. That’s all it takes #NodeZero to prove you're exploitable via CVE-2025-7776, a Citrix NetScaler memory corruption vulnerability — initially discovered by @Horizon3Attack's Jimi Sebree. This flaw has the potential for serious disruption and compromise. Peri

    @Horizon3ai

    28 Aug 2025

    454 Impressions

    6 Retweets

    5 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  7. CITRIX NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 Multiple vulnerabilities have been discovered https://t.co/txSGtFuAeF

    @_CYOPS

    27 Aug 2025

    179 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. ⚠️ Urgent Update for Citrix NetScaler customers⚠️ Attention all Citrix NetScaler ADC and NetScaler Gateway users, it is crucial to take immediate action to address the following vulnerabilities: - CVE-2025-7775 with a severity score of 9.2 - CVE-2025-7776 with a severit

    @_POPPELGAARD

    26 Aug 2025

    652 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-7776 NetScaler ADC and Gateway Memory Overflow Vulnerability Enables Denial of Service https://t.co/MaNc8Ax5DG

    @VulmonFeeds

    26 Aug 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Critical vulnerabilities (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) have been identified in customer-managed NetScaler ADC and NetScaler Gateway. Immediate upgrades required. Read the full bulletin & affected versions here: https://t.co/Vf8JJKCf06 https://t.co/RlmPTyPfEq

    @FerroqueSystems

    26 Aug 2025

    267 Impressions

    2 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.