The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added multiple Citrix vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including two older flaws patched in 2024 and a newly exploited zero-day.
The older issues, CVE-2024-8068 and CVE-2024-8069, affect Citrix Session Recording and were rated medium severity. CISA also added CVE-2025-48384, a Git vulnerability rated 8.0.
Citrix issued a warning about CVE-2025-7775, a critical memory overflow flaw in NetScaler ADC and Gateway that is being actively exploited to install webshells and backdoors. Two other vulnerabilities, CVE-2025-7776 and CVE-2025-8424, were also disclosed, both rated high severity.
Citrix urges customers to upgrade to supported versions, as older releases like 12.1 and 13.0 are no longer maintained. Secure Private Access deployments using NetScaler are also affected.
Recent attacks in June and July targeted similar NetScaler flaws, including CVE-2025-5777, dubbed “Citrix Bleed 2,” which was exploited weeks before its public disclosure.