2025-08-29 Journal

Source: vulnerability.circl.lu
Time: 07:34:25
Summary: Ref: https://doublepulsar.com/citrix-forgot-to-tell-you-cve-2025-6543-has-been-used-as-a-zero-day-since-may-2025-d76574e2dd2c Back in late June, Citrix posted a patch for CVE-2025–6543, which they described as “Memory overflow vulnerability leading to unintended control flow and Denial of Service”. Denial of service? Piff the magic dragon, who cares. No technical details were ever published about the vulnerability. That changes today. What they forgot to tell you: it allows remote code execution,…