Over 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability, CVE-2025-7775, which is actively exploited in the wild. Urging immediate action, Citrix recommends upgrading affected systems as no mitigation or workaround is currently available. #CVE-2025-7775 #CitrixNetScaler
Keypoints
- More than 28,200 Citrix instances are vulnerable to a critical security flaw.
- The CVE-2025-7775 vulnerability allows remote code execution and is being exploited in the wild.
- Citrix has released updates but does not provide specific mitigation measures; urgent firmware upgrades are needed.
- The affected versions include several releases of NetScaler ADC and Gateway, with most vulnerable instances in the US, Germany, and the UK.
- CISA has classified CVE-2025-7775 as a known exploited vulnerability, demanding patches by August 28 for federal agencies.