Citrix Addresses Critical RCE Vulnerability in NetScaler ADC and Gateway, Exploited in Zero-Day Attacks

Citrix has released patches for three vulnerabilities affecting NetScaler ADC and NetScaler Gateway, including a critical remote code execution (RCE) flaw tracked as CVE-2025-7775. This vulnerability has been actively exploited in zero-day attacks, posing a significant risk to organizations using these products. NetScaler ADC and Gateway are essential components for application delivery and secure remote access, making them attractive targets for cybercriminals. The RCE vulnerability allows attackers to execute arbitrary code on affected systems, potentially leading to full system compromise and data breaches. The fact that this vulnerability has been exploited in zero-day attacks underscores the urgency for organizations to apply the released patches immediately. Additionally, organizations should monitor their networks for signs of exploitation, such as unusual activity or unauthorized access. This incident highlights the critical importance of timely patch management and robust network security measures to mitigate the risks associated with zero-day vulnerabilities. Cybersecurity professionals should prioritize applying these patches and conducting thorough security assessments to ensure their systems are protected against potential exploits.