CVE‑2025‑6543 – NetScaler ADC Zero‑Day Exploited


CVE‑2025‑6543: Active Zero‑Day in Citrix NetScaler ADC/Gateway
CVE‑2025‑6543 is a zero‑day vulnerability in Citrix NetScaler ADC and Gateway appliances. Rapid7 confirmed exploitation prior to the public patch release on June 26, 2025.
CVSS v3.1: Not yet available (zero‑day)
Exploit Status: Demonstrated in the wild
Affected Systems: NetScaler ADC/Gateway versions with default configs
Why It Matters
NetScaler is widely deployed in enterprise router and access gateway roles. This zero‑day allows attackers to execute code remotely with elevated privileges — often without authentication.
Recommended Actions
Apply Citrix’s emergency patch immediately.
Review appliance configurations, especially access rules and VPN settings.
Watch for anomalous admin logs or configuration changes post‑exploit.
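One way to support the configuration review and change monitoring above, as an added example (not from the original post or from Citrix): compare a saved baseline of the appliance's ns.conf with the current copy and surface changes to accounts, authentication and Gateway objects. The list of sensitive command prefixes and both sample snapshots are assumptions constructed for illustration.

```python
import difflib

# Command prefixes treated as sensitive in this example (an assumption):
# local admin accounts, authentication, Gateway/VPN objects, certificates.
SENSITIVE_PREFIXES = ("add system user", "bind system user", "set system user",
                      "add authentication", "set authentication",
                      "add vpn", "set vpn", "bind vpn", "add ssl certkey")

def normalize(config_text):
    """Collapse whitespace and drop blanks/comments so cosmetic edits are ignored."""
    lines = (" ".join(raw.split()) for raw in config_text.splitlines())
    return [line for line in lines if line and not line.startswith("#")]

def config_drift(baseline_text, current_text):
    """Return (added, removed) config lines between two snapshots."""
    added, removed = [], []
    for entry in difflib.ndiff(normalize(baseline_text), normalize(current_text)):
        if entry.startswith("+ "):
            added.append(entry[2:])
        elif entry.startswith("- "):
            removed.append(entry[2:])
    return added, removed

def sensitive(lines):
    """Keep only lines that touch accounts, authentication, VPN or certificates."""
    return [line for line in lines if line.lower().startswith(SENSITIVE_PREFIXES)]

# Constructed snapshots for illustration; names, addresses and hashes are placeholders.
BASELINE = """\
# constructed baseline
set ns hostname adc01
add system user opsadmin PLACEHOLDER_HASH -encrypted
bind system user opsadmin superuser 100
add vpn vserver gw_vs SSL 203.0.113.10 443
"""
CURRENT = """\
# constructed current snapshot
set ns hostname adc01-dr
add system user opsadmin   PLACEHOLDER_HASH -encrypted
bind system user opsadmin superuser 100
add system user svc_temp PLACEHOLDER_HASH -encrypted
bind system user svc_temp superuser 100
add vpn vserver gw_vs SSL 203.0.113.10 443
"""

if __name__ == "__main__":
    added, removed = config_drift(BASELINE, CURRENT)
    for line in sensitive(added):
        print("REVIEW added:", line)
```

This flags configuration drift for human review; it is not an indicator list for CVE‑2025‑6543, and the baseline should come from a copy taken while the appliance was known to be in a good state.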
Key Takeaway
Network appliance zero‑days are especially dangerous — they’re exposed and trusted. Rapid patch deployment and continuous monitoring are non‑negotiable.
Written by Dave Hall
