← Voltar para CVEs
CVE-2025-6543
CRITICALCISA KEV9.8
Descricao
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado6/25/2025
Ultima modificacao10/24/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorCitrix
ProdutoNetScaler ADC and Gateway
Nome da vulnerabilidadeCitrix NetScaler ADC and Gateway Buffer Overflow Vulnerability
Data inclusao KEV2025-06-30
Prazo de remediacao2025-07-21
Uso em ransomwareUnknown
Produtos afetados
citrix:netscaler_application_delivery_controllercitrix:netscaler_gateway
Fraquezas (CWE)
CWE-119
Referencias
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6543(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.