彙總 Citrix 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 緩衝區溢位、輸入驗證問題、SQL 注入與CSRF,在 軟體部署與生產負載 使用場景中可能帶來 檔案覆寫、應用程式崩潰與記憶體損壞 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2026-3055 KEV | Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread | 50a63c94-1ea7-4568-8c11-eb79e7c5a2b5 | 9.3 | 84.00% | 2026-03-23 | 2026-06-17 |
| CVE-2025-7776 | Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it | [email protected] | 8.8 | 6.66% | 2025-08-26 | 2026-06-17 |
| CVE-2025-7775 KEV | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS an | [email protected] | 9.2 | 18.97% | 2025-08-26 | 2026-06-17 |
| CVE-2025-6759 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS | [email protected] | 7.3 | 0.24% | 2025-07-08 | 2026-06-17 |
| CVE-2025-6543 KEV | Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | [email protected] | 9.2 | 9.76% | 2025-06-25 | 2026-06-17 |
| CVE-2025-4879 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | [email protected] | 7.3 | 0.07% | 2025-06-17 | 2026-06-17 |
| CVE-2025-0320 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows | [email protected] | 8.6 | 0.07% | 2025-06-17 | 2026-06-17 |
| CVE-2025-5777 KEV | Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | [email protected] | 9.3 | 99.90% | 2025-06-17 | 2026-06-17 |
| CVE-2025-5349 | Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway | [email protected] | 8.7 | 3.65% | 2025-06-17 | 2026-06-17 |
| CVE-2025-4365 | Arbitrary file read in NetScaler Console and NetScaler SDX (SVM) | [email protected] | 6.9 | 7.01% | 2025-06-17 | 2026-06-17 |
| CVE-2025-1223 | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | [email protected] | 5.9 | 0.15% | 2025-02-19 | 2026-06-17 |
| CVE-2025-1222 | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | [email protected] | 5.9 | 0.15% | 2025-02-19 | 2026-06-17 |
| CVE-2024-12284 | Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. | [email protected] | 8.8 | 11.92% | 2025-02-19 | 2026-06-17 |
| CVE-2024-8535 | Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources | [email protected] | 5.8 | 0.42% | 2024-11-12 | 2026-06-17 |
| CVE-2024-8534 | Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled | [email protected] | 8.4 | 0.56% | 2024-11-12 | 2026-06-17 |
| CVE-2024-8069 KEV | Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server | [email protected] | 5.1 | 14.74% | 2024-11-12 | 2026-06-17 |
| CVE-2024-8068 KEV | Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain | [email protected] | 5.1 | 1.39% | 2024-11-12 | 2026-06-17 |
| CVE-2024-7890 | Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | [email protected] | 5.4 | 0.18% | 2024-09-11 | 2026-06-17 |
| CVE-2024-7889 | Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | [email protected] | 7.0 | 0.25% | 2024-09-11 | 2026-06-17 |
| CVE-2024-42423 | Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering. | [email protected] | 6.1 | 0.15% | 2024-09-10 | 2026-06-17 |