(TLP: CLEAR) Multiple Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Under Active Exploitation
Summary: On June 17 and 25, 2025, Citrix published security advisories for critical vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway. The New York State Intelligence Center’s (NYSIC) Cyber Analysis Unit (CAU) has indicated that these products are now experiencing active exploitation in the wild.
Analyst Note: These vulnerabilities involve critical flaws in Citrix products similar to the 2023 Citrix Bleed incident (CVE-2023-4966), which saw heavy exploitation by ransomware gangs and nation-states.