NetScaler Times newsletter for Week 19 - 2025
NCSC advice is always a bonus!
Hello Everyone
It’s Andrew with the latest edition of the NetScaler Times, an update to keep you up-to-date on all things NetScaler-related! Why read this? To make you soar with the eagles 🦅 !
The idea is to pull together events, firmware releases, support articles, and anything else I think is relevant into a single email.
High-level agenda for this week:
The email is a NetScaler Times newsletter for Week 19 - 2025, containing updates on firmware builds, security updates, web updates, and advice.
The newsletter provides details about the latest NetScaler firmware builds, including a timeline for the 14.1 and 13.1 builds and a table listing all firmware builds, as well as links to support documents.
It mentions NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-5491 and CVE-2024-5492, last modified on 12/Mar/2025, and the NetScaler WAF Signatures Update v151 updated on the 24th of April with new signature rules for vulnerabilities identified in the week 2025-04-23.
Web updates include information on an authentication bypass affecting Citrix NetScaler, Adaptive Authentication service configuration, and how to configure RDP proxy with RDS server for NetScaler RDP proxy -14.1.
The newsletter provides advice from the NCS about cyber threats to retailers and offers a method to provide feedback to Andrew Scott at Andrew.Scott@cloud.com.
1. The latest firmware builds.
Below are the details for the various builds, which can help you plan for new releases in your environment. This support document has more information on the different release cycles.
NetScaler has multiple form factors to support different environments. It is built on a single operating system with a software-based architecture, so its behavior will be the same regardless of whether it is used as hardware, a virtual machine, bare metal, or a container. Pick one that works for your environment and needs.
Latest Build Versions:
Here is a timeline for the 14.1 and 13.1 builds to show where they are within their respective release lifecycle.
Here are all the firmware builds in a table:
A bit random..NetScaler FIPS FAQ - Link
Which release should I use?
The release families are designed such that 14.1 has more elements changing with each update, hence the feature phase designation. There will be fewer changes in 13.1.
An example of the move to 14.1 might be that you want to take advantage of removing the dependency of ALB in Azure with your NetScaler HA deployment. Read more here. This could save some $$$ (insert local currency).
Also, a recent customer request included plans to build a new Azure infrastructure. This was not expected to be a short-term deployment. Looking at the build cycles above, it would make sense to start looking at 14.1 for this. This would avoid having to re-architect the solution next year when 13.1 moves to CVE-only support.
What about NetScaler SDX?
There are multiple NetScaler designations. VPX, MPX, SDX, BLX, and CPX all use the same firmware. The table above applies to all NetScaler types. It might not be the same download file, as appliances like the SDX do have other elements to update.
End Of Sale Appliances & End of Life Appliances
There are some short lists below with the more recent appliance changes.
EoS Appliances
These appliances are End of Sale (unavailable to buy new now), they will live and run for 5 more years from 2024.
EOL Appliances
A table shows the significant EOL appliance events for the next 12 months. Last month (April), a few appliances reached their end of life and must be replaced. The MPX/SDX 16000 is the replacement.
2. Latest NetScaler Security updates
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-5491 and CVE-2024-5492.
CTX Number: CTX677944
Article Type: Security Bulletin
Created Date: 9/Jul/2024
Last Modified Date: 12/Mar/2025
Severity: High
This was a security article released last year, it was updated on 12th March. More here
NetScaler WAF Signatures Update v151 was updated on the 24th of April.
New signature rules are generated for the vulnerabilities identified in the week 2025-04-23. Download and configure these signature rules to protect your appliance from various security attacks.
Link to details.
3. NetScaler-related web updates from…
April 26 - May 2, 2025 - Initial Access
4 days ago — Last week, Rapid7 released details on an authentication bypass affecting Citrix NetScaler. The vulnerability has an EPSS in the 90th percentile, and NetScaler ...
I thought this looked ‘concerning’, and then I checked and saw that this was patched last year. :-)
Adaptive Authentication service
6 days ago — Configure LDAP by using the NetScaler GUI: 1. Navigate to Traffic Management > Load Balancing and then click Virtual Servers. 2. Create a virtual server of type ...
NetScaler RDP proxy -14.1- How to configure RDP proxy with RDS server
370 Views•May 5, 2025•Knowledge
4. NCS Advice - A pervasive threat to retailers.
Cyber criminality, including extortion and ransomware, is one of the most pervasive cyber threats facing UK organisations. It affects organisations of all sizes, from the largest, to the very smallest. No one is immune from this threat. It is both opportunistic and indiscriminate.
Criminals continue to adapt their business models to gain efficiencies and maximise profits, including a clear shift towards ‘ransomware as a service’ where criminals – often with little technical knowledge or skill comparably – are able to launch attacks using pre-developed tools. This includes tailoring their methods of attack depending on what is most likely to yield the most significant payments.
Read more from the UK National Cyber Security Centre
5. Feedback for this newsletter
Naturally, if something you feel should be added/removed or called out, drop me a note at Andrew.Scott@cloud.com. All mistakes are mine 🤭. All opinions expressed in this newsletter are solely my own and do not express the views or opinions of my employer. ☺️
You can get all the previous newsletters plus other articles here:
Have a great week!