{"id":1710,"date":"2025-08-14T10:45:49","date_gmt":"2025-08-14T10:45:49","guid":{"rendered":"https:\/\/www.tsfactory.com\/forums\/?p=1710"},"modified":"2025-08-14T10:45:49","modified_gmt":"2025-08-14T10:45:49","slug":"citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches","status":"publish","type":"post","link":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/","title":{"rendered":"Citrix NetScaler flaws lead to critical infrastructure breaches"},"content":{"rendered":"<p>Hackers have breached critical infrastructure organizations in the Netherlands using a vulnerability in Citrix\u2019s NetScaler products, highlighting the serious risks facing the thousands of systems still running vulnerable NetScaler instances.<\/p>\n<p>\u201cSeveral critical organizations in the Netherlands have been successfully attacked\u201d using the memory-overflow vulnerability in NetScaler ADC and NetScaler Gateway, the Dutch National Cyber Security Centre\u00a0<a href=\"https:\/\/www.ncsc.nl\/actueel\/nieuws\/2025\/07\/22\/casus-citrix-kwetsbaarheid\">said on Monday.<\/a>\u00a0The flaw is tracked as\u00a0<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-6543\">CVE-2025-6543<\/a>\u00a0and rated as critical.<\/p>\n<p>The unknown intruders first breached their targets\u2019 networks in early May, more than a month before\u00a0<a href=\"https:\/\/support.citrix.com\/support-home\/kbsearch\/article?articleNumber=CTX694788\">Citrix\u2019s June 25 disclosure<\/a>\u00a0of the flaw, the NCSC said. They used \u201csophisticated methods\u201d and erased evidence of their activities \u201cto conceal the compromise at the affected organizations,\u201d the agency added. \u201cThe investigation is ongoing, but it can now be concluded that perhaps not all questions about this digital attack can be answered.\u201d<\/p>\n<p>Citrix in June\u00a0<a href=\"https:\/\/support.citrix.com\/support-home\/kbsearch\/article?articleNumber=CTX693420\">also disclosed<\/a>\u00a0a similar NetScaler flaw, an insufficient-input-validation vulnerability tracked as\u00a0<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-5777\">CVE-2025-5777<\/a>\u00a0and also rated critical.<\/p>\n<p>There are more than 3,300 internet-connected NetScaler instances vulnerable to CVE-2025-5777 worldwide and more than 4,100 instances vulnerable to CVE-2025-6543, according to\u00a0<a href=\"https:\/\/dashboard.shadowserver.org\/statistics\/combined\/time-series\/?date_range=7&amp;source=http_vulnerable&amp;source=http_vulnerable6&amp;tag=cve-2025-5777%2B&amp;tag=cve-2025-6543%2B&amp;dataset=unique_ips&amp;limit=100&amp;group_by=tag&amp;stacking=overlap&amp;auto_update=on\">data from the Shadowserver Foundation<\/a>. \u201cWe see exploitation attempts for both vulnerabilities in our sensors,\u201d the group\u00a0<a href=\"https:\/\/bsky.app\/profile\/shadowserver.bsky.social\/post\/3lw6z7vdcp22u\">said in a social media post<\/a>.<\/p>\n<p>The intrusions in the Netherlands raise questions about how widespread the NetScaler attacks may be, including whether hackers have used the Citrix flaws to breach any U.S. critical infrastructure providers. There are more than 1,300 NetScaler instances in the U.S. that are vulnerable to at least one of the flaws, according to Shadowserver Foundation data.<\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/citrix-netscaler-attacks-netherlands\/757434\/\">Read the Full Story\u00a0<\/a><\/p>\n<p>Source: Cybersecurity Dive<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers have breached critical infrastructure organizations in the Netherlands using a vulnerability in Citrix\u2019s NetScaler products, highlighting the serious risks facing the thousands of systems still running vulnerable NetScaler instances. \u201cSeveral critical organizations in the Netherlands have been successfully attacked\u201d using the memory-overflow vulnerability in NetScaler ADC and NetScaler Gateway, the Dutch National Cyber Security [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":461,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1710","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Citrix NetScaler flaws lead to critical infrastructure breaches - Community<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Citrix NetScaler flaws lead to critical infrastructure breaches - Community\" \/>\n<meta property=\"og:description\" content=\"Hackers have breached critical infrastructure organizations in the Netherlands using a vulnerability in Citrix\u2019s NetScaler products, highlighting the serious risks facing the thousands of systems still running vulnerable NetScaler instances. \u201cSeveral critical organizations in the Netherlands have been successfully attacked\u201d using the memory-overflow vulnerability in NetScaler ADC and NetScaler Gateway, the Dutch National Cyber Security [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/\" \/>\n<meta property=\"og:site_name\" content=\"Community\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TSFactoryLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-14T10:45:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"750\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chelsie Wyatt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:site\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chelsie Wyatt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/\",\"name\":\"Citrix NetScaler flaws lead to critical infrastructure breaches - Community\",\"isPartOf\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg\",\"datePublished\":\"2025-08-14T10:45:49+00:00\",\"author\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#primaryimage\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg\",\"contentUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg\",\"width\":750,\"height\":350},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.tsfactory.com\/forums\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Citrix NetScaler flaws lead to critical infrastructure breaches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/\",\"name\":\"Community\",\"description\":\"TSFactory\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\",\"name\":\"Chelsie Wyatt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"caption\":\"Chelsie Wyatt\"},\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Citrix NetScaler flaws lead to critical infrastructure breaches - Community","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/","og_locale":"en_US","og_type":"article","og_title":"Citrix NetScaler flaws lead to critical infrastructure breaches - Community","og_description":"Hackers have breached critical infrastructure organizations in the Netherlands using a vulnerability in Citrix\u2019s NetScaler products, highlighting the serious risks facing the thousands of systems still running vulnerable NetScaler instances. \u201cSeveral critical organizations in the Netherlands have been successfully attacked\u201d using the memory-overflow vulnerability in NetScaler ADC and NetScaler Gateway, the Dutch National Cyber Security [&hellip;]","og_url":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/","og_site_name":"Community","article_publisher":"https:\/\/www.facebook.com\/TSFactoryLLC\/","article_published_time":"2025-08-14T10:45:49+00:00","og_image":[{"width":750,"height":350,"url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg","type":"image\/jpeg"}],"author":"Chelsie Wyatt","twitter_card":"summary_large_image","twitter_creator":"@TSFactoryLLC","twitter_site":"@TSFactoryLLC","twitter_misc":{"Written by":"Chelsie Wyatt","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/","url":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/","name":"Citrix NetScaler flaws lead to critical infrastructure breaches - Community","isPartOf":{"@id":"https:\/\/www.tsfactory.com\/forums\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#primaryimage"},"image":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#primaryimage"},"thumbnailUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg","datePublished":"2025-08-14T10:45:49+00:00","author":{"@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f"},"breadcrumb":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#primaryimage","url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg","contentUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/01\/Citrix.jpg","width":750,"height":350},{"@type":"BreadcrumbList","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/citrix-netscaler-flaws-lead-to-critical-infrastructure-breaches\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.tsfactory.com\/forums\/"},{"@type":"ListItem","position":2,"name":"Citrix NetScaler flaws lead to critical infrastructure breaches"}]},{"@type":"WebSite","@id":"https:\/\/www.tsfactory.com\/forums\/#website","url":"https:\/\/www.tsfactory.com\/forums\/","name":"Community","description":"TSFactory","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f","name":"Chelsie Wyatt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","caption":"Chelsie Wyatt"},"url":"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/"}]}},"_links":{"self":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1710","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/comments?post=1710"}],"version-history":[{"count":1,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1710\/revisions"}],"predecessor-version":[{"id":1711,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1710\/revisions\/1711"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media\/461"}],"wp:attachment":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media?parent=1710"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/categories?post=1710"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/tags?post=1710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}