Known Exploited Vulnerabilities CVE-2025-6543

Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-6543 | Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability | exploitation_technique | T1203 | Exploitation for Client Execution | |
| CVE-2025-6543 | Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability | primary_impact | T1498 | Network Denial of Service | |
| CVE-2025-6543 | Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability | secondary_impact | T1059 | Command and Scripting Interpreter | |

Comments (exploitation_technique, T1203): An unprivileged attacker can leverage this buffer overflow vulnerability, leading to a denial of service attack. No public exploits of this vulnerability exist, and information from Citrix is limited.

Comments (primary_impact, T1498): An unprivileged attacker can leverage this buffer overflow vulnerability, leading to a denial of service attack, and potentially remote code execution. No public exploits of this vulnerability exist, and information from Citrix is limited.

Comments (secondary_impact, T1059): An unprivileged attacker can leverage this buffer overflow vulnerability, leading to a denial of service attack, and potentially remote code execution. No public exploits of this vulnerability exist, and information from Citrix is limited.