AI description
CVE-2025-5777 is a vulnerability affecting NetScaler ADC and NetScaler Gateway. It is caused by insufficient input validation, which leads to a memory overread. The vulnerability can be exploited on devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. An unauthorized attacker could potentially grab valid session tokens from the memory of internet-facing NetScaler devices by sending a malformed request. Successful exploitation could allow the attacker to gain access to the appliances.
- Description: Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
- Source: secure@citrix.com
- NVD status: Awaiting Analysis

CVSS 4.0
- Type: Secondary
- Base score: 9.3
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: CRITICAL
- secure@citrix.com: CWE-125
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 31
Actively exploited CVE : CVE-2025-5777
@transilienceai
29 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
📌 Critical CitrixBleed 2 (CVE-2025-5777) vulnerability in Citrix NetScaler may be actively exploited. #CyberSecurity #Citrix https://t.co/8YRmSuypvo https://t.co/a3UOXwfiUH
@CyberHub_blog
28 Jun 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation https://t.co/JG2G3gSTd4 https://t.co/aQQjuqSj7E
@Trej0Jass
28 Jun 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Spotlight: CVE-2025-5777: Citrix Bleed 2 Opens Old Wounds https://t.co/qxySj83Ob9
@samilaiho
28 Jun 2025
666 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability in NetScaler ADC and Gateway, "Citrix Bleed 2" (CVE-2025-5777), is likely exploited in attacks, allowing unauthorized access to sensitive data, session hijacking, and circumventing MFA. ReliaQuest confirms increasing suspicious activity. #Security https://t.co/k8h
@Strivehawk
28 Jun 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Update: NetScaler flaw CVE-2025-6543 has the same exploit path as Citrix Bleed—gateway setup required, now actively attacked. CVE-2025-5777 may allow MFA bypass via session token hijack. No workarounds, only upgrades. Full update → https://t.co/9jW8L6T05c
@TheHackersNews
28 Jun 2025
13405 Impressions
27 Retweets
48 Likes
12 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-5777
@transilienceai
28 Jun 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation https://t.co/dbylqLgerC Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, incl
@f1tym1
28 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability in “Citrix Bleed 2” (CVE-2025-5777) allows unauthenticated memory reads to steal session tokens, bypass MFA, and facilitate AD reconnaissance. ReliaQuest reports active exploitation, urging patching to versions 14.1‑43.56+, 13.1‑58.32 https://t.co/OT
@shampoo_101_
28 Jun 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
📌 Critical vulnerability "Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway is being exploited, reports ReliaQuest. Suspicious activity detected. #CyberSecurity #Citrix https://t.co/1hCGDtalln https://t.co/a41VM4SgiX
@CyberHub_blog
27 Jun 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New Censys Advisory: 3 critical CVEs hit Citrix NetScaler—incl. CVE-2025-5777 ("#CitrixBleed2") enabling memory leaks & session hijacking. 📉 69K+ exposed online 🔎 Censys queries in advisory blog: Details: https://t.co/NTPPjfbhjE #CVE2025 #NetScaler #CyberSecuri
@censysio
27 Jun 2025
1415 Impressions
7 Retweets
23 Likes
8 Bookmarks
0 Replies
0 Quotes
A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks https://t.co/ztUiTR0Kt3 #Citrix #Vulnerability #ENETechnologyServicesGlendora
@enetechnologys2
27 Jun 2025
100 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Alert: 'CitrixBleed 2' (CVE-2025-5777) shows signs of active exploitation, reported June 27, 2025. Threat: Attackers can steal session tokens from NetScaler devices, bypassing authentication and maintaining undetected access, risking logistics breaches. Action: Update
@tony3266
27 Jun 2025
79 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 What You Need to Know About the Citrix NetScaler Vulnerability ReliaQuest researchers are tracking CVE-2025-5777, a Citrix NetScaler Gateway vulnerability now reaching the early stages of active exploitation. This vulnerability highlights the need for vigilance, as threat
@ReliaQuestTR
27 Jun 2025
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 What You Need to Know About the Citrix NetScaler Vulnerability ReliaQuest researchers are tracking CVE-2025-5777, a Citrix NetScaler Gateway vulnerability now reaching the early stages of active exploitation. This vulnerability highlights the need for vigilance, as threat
@ReliaQuest
27 Jun 2025
111 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Citrix Bleed 2 (CVE-2025-5777) is actively exploited, allowing attackers to hijack sessions, access sensitive data, and bypass MFA on NetScaler devices. Prompt updates and session reviews are crucial. 🚨 #CitrixVuln #NetScaler #USA https://t.co/zRz4QUXvyR
@TweetThreatNews
27 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 The "Citrix Bleed 2" vulnerability (CVE-2025-5777) in NetScaler ADC and Gateway is considered critical and is likely to be exploited in attacks, according to cybersecurity firm ReliaQuest, which observed an increase in sessions
@Cybercachear
27 Jun 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning to cybersecurity pros: "Citrix Bleed 2" (CVE-2025-5777) being actively exploited. Take action now. https://t.co/70RIPQIPJd #Cybersecurity #InfoSec #CyberAttack
@threatlight
27 Jun 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 A serious vulnerability in NetScaler ADC and Gateway known as "Citrix Bleed 2" (CVE-2025-5777) has likely been exploited in attacks, with cybersecurity firm ReliaQuest pointing to an increase in sessions
@Cybercachear
27 Jun 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical flaw in Citrix: "CitrixBleed 2" CVE-2025-5777🚨 🔓Citrix's NetScaler ADC and Gateway solutions are vulnerable to an attack that, according to cyber experts, would make it possible to steal session tokens directly from memory 🧠. https://t.co/
@KhalilouHanse
27 Jun 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active exploitation of the CitrixBleed 2 (CVE-2025-5777) vulnerability has been observed, enabling remote attackers to hijack sessions and bypass multi-factor authentication on NetScaler ADC and Gateway. Stay alert! 🚨 #Citrix #SecurityAlert #USA https://t.co/W9rBCl4RBv
@TweetThreatNews
27 Jun 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5777
@transilienceai
27 Jun 2025
412 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 New Threat Report: CVE-2025-5777: Citrix Bleed 2 Opens Old Wounds CVE-2025-5777, dubbed "Citrix Bleed 2," has emerged—a vulnerability strikingly similar to the infamous "Citrix Bleed." ReliaQuest's latest report reveals possible exploitation of this flaw, with attackers
@ReliaQuestTR
26 Jun 2025
237 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
🔒 CitrixBleed 2 Alert! CVE-2025-5777 (CVSS 9.3) in NetScaler allows attackers to hijack sessions, bypassing MFA. Update your systems immediately to prevent unauthorized access! #CyberSec #CitrixBleed https://t.co/HFO1qNzl2I
@CyberWolfGuard
26 Jun 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New Threat Report: CVE-2025-5777: Citrix Bleed 2 Opens Old Wounds CVE-2025-5777, dubbed "Citrix Bleed 2," has emerged—a vulnerability strikingly similar to the infamous "Citrix Bleed." ReliaQuest's latest report reveals possible exploitation of this flaw, with attackers
@ReliaQuest
26 Jun 2025
237 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
#CyberAlert | Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway We are aware of the security advisories published by Citrix for critical vulnerabilities, CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543. https://t.co/FHQLsyNzqT 🧵
@cybercentre_ca
26 Jun 2025
142 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🚨 Citrix Bleed 2 is here now - the CVE-2025-5777 vulnerability lets attackers hijack sessions without logging in. Just like the 2023 CitrixBleed mess... but worse. SAP users aren't safe either
@zoro__dev
26 Jun 2025
233 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Security Bulletin: Multiple vulnerabilities affecting Citrix NetScaler – CVE-2025-5777 & CVE-2025-5349 allow memory leaks and unauthorized admin access. Patch to 14.1-43.56 or later + restrict interface access to reduce risk. #ThreatIntel #Re... https://t.co/MYPMybTdj8
@RedLegg
25 Jun 2025
42 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Citrix warns of active exploitation of CVE-2025-6543, a critical NetScaler vulnerability causing DoS and device crashes. Patches are urgent to prevent attacks. Also watch out for CitrixBleed 2 (CVE-2025-5777) exploits. 🚨 #Vulnerability #Netherlands https://t.co/gECMbmuueX
@TweetThreatNews
25 Jun 2025
219 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #CitrixBleed2 flaw hits Citrix NetScaler, enabling session hijacking via CVE-2025-5777! 🔑 Unauthenticated attackers can steal session tokens, risking sensitive data. Act now: patch and secure your systems promptly! 🔍 Details here: https://t.co/DM9JsFATe1 #Infosec #Secu
@cybernews_ai
25 Jun 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
security researchers find a poc for CVE-2025-5777 please =)
@RepoFlex
25 Jun 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 BREAKING CYBERSECURITY NEWS 🚨 Citrix has disclosed a critical vulnerability—CVE-2025-5777, dubbed Citrix Bleed 2—which allows attackers to steal session tokens directly from memory in NetScaler ADC and Gateway appliances. This vulnerability enables unauthorized access
@cybrhoodsentinl
25 Jun 2025
172 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Follow-up Threat Advisory: Blackpoint released a threat notice last week related to CVE-2025-5777, an insufficient input validation leading to memory overread vulnerability. https://t.co/LRJ8Gfq5dR
@BlackpointUS
25 Jun 2025
127 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Security Alert: Citrix patched a critical flaw, CVE-2025-5777 (Citrix Bleed 2), enabling token theft, while SAP GUI flaws (CVE-2025-0055, 0056) risk exposing sensitive data, reported June 25, 2025. Threat: Attackers could bypass authentication on NetScaler or steal personal data
@tony3266
25 Jun 2025
145 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Citrix Bleed 2 is here — CVE-2025-5777 lets attackers hijack sessions without logging in. Just like the 2023 CitrixBleed mess… but worse. SAP users aren't safe either — input histories stored with weak/no encryption can leak SSNs, bank data. Read → https://t.co/2UQ
@TheHackersNews
25 Jun 2025
12689 Impressions
42 Retweets
89 Likes
15 Bookmarks
0 Replies
3 Quotes
Are we just getting #CitrixBleed2 through cve-2025-5777 - the description has been changed at 6/23/2025 - attackers can dump memory contents. https://t.co/SMSZ3ymmWU
@etguenni
25 Jun 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Are we getting #CitrixBleed2 right now through cve-2025-5777 - the description was expanded as of 23 June 2025 - attackers can dump memory contents. https://t.co/BdIQZEID8e
@etguenni
25 Jun 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Citrix fixes critical NetScaler bug CVE-2025-5777—patch now. This out-of-bounds read flaw is similar to CitrixBleed (CVE-2023-4966) and may allow attackers to extract session tokens from memory. Affects gateway-configured devices. No known explanation yet,
@modat_magnify
24 Jun 2025
191 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. #cybersecurity https://t.co/xgOLxjFv3x
@cybertzar
24 Jun 2025
166 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
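[Citrix fixes critical NetScaler bug CVE-2025-5777] There is no sign that this out-of-bounds read vulnerability has been exploited, but applying the patch as soon as possible and terminating active sessions is recommended. CVE-2025-5349 (improper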
@MachinaRecord
24 Jun 2025
106 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#Citrix Critical Netscaler #vulnerability CVE-2025-5777 patch released! Like CitrixBleed this vulnerability allows attackers to grab valid session tokens from the memory of internet-facing #Netscaler devices by sending a malformed request: https://t.co/zEN6CJikkb
@securestep9
23 Jun 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) https://t.co/7kQ2NTqdbF #HelpNetSecurity #Cybersecurity https://t.co/WRdrXTnZ1A
@PoseidonTPA
23 Jun 2025
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Citrix #NetScaler bug #fixed, upgrade ASAP! (#CVE-2025-5777) https://t.co/rAyoLxN45K
@ScyScan
23 Jun 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) - https://t.co/jHqdSMd6q7 - @citrix #Enterprise #NetScaler #SecurityUpdate #Vulnerability #CyberSecurity #netsec #security #InfoSecurity #ITsecurity #CyberSecurityNews #SecurityNews
@helpnetsecurity
23 Jun 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🗣️ Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) https://t.co/M0bD7GEAlX
@fridaysecurity
23 Jun 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[HelpNet] Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777). Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The... https://t.co/4s5YazodN9
@shah_sheikh
23 Jun 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨We are warning of critical vulnerabilities in the NetScaler ADC load balancer, CVE-2025-5349, and in the NetScaler Gateway remote access gateway, CVE-2025-5777. The first vulnerability lies in improper access control in the NetScaler ADC management interface and the second in
@GOVCERT_CZ
19 Jun 2025
54 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two critical vulnerabilities, CVE-2025-5349 (8.7) and CVE-2025-5777 (9.3), found in NetScaler ADC & Gateway. Outdated versions are at risk of unauthorized access & memory overreads. Ensure updates are applied swiftly! ⚠️ #NetScaler #CyberRisk https://t.co/cQgYw6ulAJ
@TweetThreatNews
19 Jun 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix has released patches for four critical vulnerabilities in NetScaler ADC & Gateway, including CVE-2025-5777, an out-of-bounds memory read. Affected configurations may be exploited. Stay updated! 🔒 #NetScaler #SecurityPatch #US https://t.co/YUQbu5uSJo
@TweetThreatNews
18 Jun 2025
192 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability in NetScaler ADC and NetScaler Gateway URL: https://t.co/4gu12PtexF Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv4.0: 9.3 CVEs: CVE-2025-5777, CVE-2025-5349
@samilaiho
18 Jun 2025
111 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes