CISA Flags Citrix, Git Flaws as Active Threats
The U.S. Cybersecurity and Infrastructure Security Agency on Aug. 25 added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities catalog, escalating concerns across enterprise IT teams. CISA flags Citrix Git flaws as active threats, highlighting their potential to compromise infrastructure if left unpatched.
The vulnerabilities include CVE-2025-48384, a high-severity issue linked to Git, and two Citrix NetScaler ADC and Gateway bugs—CVE-2024-8068 and CVE-2024-8069. All three have been actively exploited in the wild, prompting CISA to mandate immediate mitigation for federal agencies and strongly advise action across the private sector.
By adding these flaws to the KEV catalog, CISA flags Citrix Git risks as clear indicators of increasing attacker focus on widely used enterprise tools. The agency’s alert underscores the urgency of identifying and remediating these vulnerabilities before they trigger broader security incidents.
To read the full official report, visit: