In this week’s Security Advisory

  • Citrix Patches Additional NetScaler Vulnerability
  • Critical Microsens Vulnerability
  • Emergency Security Updates Released for Chrome
  • Nessus Windows Vulnerability

Citrix Patches Additional NetScaler Vulnerability

Update to the original advisory (included below): An additional critical flaw has been made public regarding Citrix NetScaler devices, CVE-2025-6543 (CVSS 9.2/10). The CVE details input validation and memory overflow issues, which can lead to out-of-bounds memory read, unintended control flow, and denial of service (DoS) conditions. There are reports of CVE-2025-6543 being exploited in the wild. CyberMaxx strongly urges patching these vulnerabilities as soon as possible.

Affected Versions

NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0

Recommendations

Patch NetScaler instances as soon as possible.

More Reading / Information

Original Advisory:

Citrix has released patches for multiple vulnerabilities affecting its customer-managed NetScaler ADC and NetScaler Gateway. The most severe, CVE-2025-5777 (CVSS 9.3/10), is an insufficient input validation flaw that leads to a memory overread. Citrix warns that NetScaler ADC and Gateway versions 12.1 and 13.0, which have been discontinued, are also affected by these vulnerabilities; because no fix will ship for those branches, it is important to upgrade to a supported release as soon as possible.

Affected Versions

  • NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-43.56.
  • NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-58.32.
  • NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.235-FIPS and NDcPP.
  • NetScaler ADC 12.1-FIPS BEFORE 12.1-55.328-FIPS.

Recommendations

  • Upgrade to NetScaler ADC and NetScaler Gateway 14.1-43.56 and later releases.
  • Upgrade to NetScaler ADC and NetScaler Gateway 13.1-58.32 and later releases of 13.1.
  • Upgrade to NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.235 and later releases of 13.1-FIPS and 13.1-NDcPP.
  • Upgrade to NetScaler ADC 12.1-FIPS 12.1-55.328 and later releases of 12.1-FIPS.

More Reading / Information

Critical Microsens Vulnerability

An advisory published by the cybersecurity agency CISA last week informed organizations that the Microsens NMP Web+ product is affected by two critical vulnerabilities, CVE-2025-49151 (CVSS 9.3/10) and CVE-2025-49153 (CVSS 9.3/10). These vulnerabilities can be used to obtain valid authentication tokens and to overwrite critical files on the server, giving an attacker full control over the system at the OS level.

Affected Versions

NMP Web+: Version 3.2.5 and prior

Recommendations

Upgrade to version 3.3.0 for Windows and Linux

More Reading / Information

Emergency Security Updates Released for Chrome

Google has released emergency updates to patch a Chrome zero-day vulnerability, CVE-2025-6554, exploited in attacks. This zero-day vulnerability is a high-severity type confusion weakness in the Chrome V8 JavaScript engine. While such flaws generally lead to browser crashes after successful exploitation by reading or writing memory out of buffer bounds, attackers can also exploit them to execute arbitrary code on unpatched devices. Google is aware that an exploit for CVE-2025-6554 exists in the wild.

Recommendations

Upgrade Google Chrome to version 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for Mac, and 138.0.7204.96 for Linux.

Recent versions of Google Chrome have auto-update enabled by default. Organizations should confirm that the setting has not been disabled and that they are not running any versions where auto-update was not enabled by default. Where browsers are not set to auto-update, organizations need to communicate the need to update to their users, and follow-up confirmation that the updates have actually been applied is essential. Additionally, browsers must be restarted for an update to take effect.

More Reading / Information

Nessus Windows Vulnerability

Tenable has released Nessus version 10.8.5 to fix several high-severity vulnerabilities affecting versions 10.8.4 and earlier. These flaws—CVE-2025-36630 (CVSS 8.4/10), CVE-2025-6021 (CVSS 6.5/10), and CVE-2025-24855 (CVSS 7.8/10)—could allow attackers to escalate privileges, execute arbitrary code, and overwrite system files on Windows systems. Users are strongly urged to update their Nessus installations immediately.

Affected Versions

Nessus versions 10.8.4 and earlier

Recommendations

Upgrade to Nessus version 10.8.5 or 10.9.0

More Reading / Information

Recommendations

Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to "vendor-supported versions" only: doing so dramatically increases the likelihood that a patch is issued for any new vulnerability. Likewise, CyberMaxx strongly encourages maintaining an inventory of current software in your environment, which informs and supports your patch and vulnerability management program.
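The follow-up confirmation recommended for Chrome and the software inventory recommended here can be combined into one check. The script below is an added example, not CyberMaxx's or any vendor's tooling: it encodes the fixed builds stated in this advisory, treats the discontinued NetScaler 12.1 and 13.0 branches as exposed regardless of build, and compares versions numerically rather than as strings. The inventory rows, host names and the 13.0 build number are constructed samples.

```python
"""Flag inventory entries still exposed to the issues in this advisory (added example)."""
import re
from typing import Optional

# Minimum fixed build per product and release branch, as stated in the advisory.
# A branch mapped to None is discontinued: every build on it is treated as exposed.
FIXED = {
    "netscaler": {"14.1": "14.1-43.56", "13.1": "13.1-58.32",
                  "13.1-FIPS": "13.1-37.235", "12.1-FIPS": "12.1-55.328",
                  "13.0": None, "12.1": None},
    "chrome": {"windows": "138.0.7204.96", "mac": "138.0.7204.92", "linux": "138.0.7204.96"},
    "nessus": {"*": "10.8.5"},          # 10.9.0 also clears this floor
    "nmp_webplus": {"*": "3.3.0"},
}

def version_key(version: str) -> tuple:
    """Turn '13.1-37.235-FIPS' into (13, 1, 37, 235) so '10.8.10' sorts above '10.8.5'."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def netscaler_branch(version: str) -> str:
    """Map a NetScaler build to its branch; FIPS/NDcPP builds have their own fix floor."""
    m = re.match(r"\d+\.\d+", version)
    if not m:
        return ""
    return m.group(0) + "-FIPS" if re.search(r"FIPS|NDcPP", version) else m.group(0)

def is_exposed(product: str, version: str, platform: str = "*") -> Optional[bool]:
    """True if exposed, False if at or above the fixed build, None if not covered here."""
    table = FIXED.get(product)
    if table is None:
        return None
    key = netscaler_branch(version) if product == "netscaler" else (platform if platform in table else "*")
    if key not in table:
        return None
    floor = table[key]
    if floor is None:               # discontinued branch: no patch will be issued
        return True
    return version_key(version) < version_key(floor)

# Constructed sample inventory: (host, product, installed version, platform)
INVENTORY = [
    ("gw-01", "netscaler", "14.1-43.50", "*"),
    ("gw-02", "netscaler", "13.1-37.235-FIPS", "*"),
    ("gw-03", "netscaler", "13.0-92.21", "*"),       # constructed build on an EOL branch
    ("ws-17", "chrome", "138.0.7204.93", "windows"),  # fixed on Mac, not yet on Windows
    ("mb-04", "chrome", "138.0.7204.93", "mac"),
    ("scan-1", "nessus", "10.8.4", "*"),
]

def exposed_hosts(inventory) -> list:
    """Return the hosts that still need action."""
    return [host for host, prod, ver, plat in inventory if is_exposed(prod, ver, plat)]

if __name__ == "__main__":
    print("Still exposed:", exposed_hosts(INVENTORY))
```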