CVE-2025-5777

Published Jun 17, 2025

Last updated 3 days ago

Exploit known
CVSS critical 9.3
NetScaler ADC
NetScaler Gateway
Citrix

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-5777 is a vulnerability affecting NetScaler ADC and NetScaler Gateway. It is caused by insufficient input validation, which leads to a memory overread. The vulnerability can be exploited on devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. An unauthorized attacker could potentially grab valid session tokens from the memory of internet-facing NetScaler devices by sending a malformed request. Successful exploitation could allow the attacker to gain access to the appliances.

Description: Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Source: secure@citrix.com
NVD status: Analyzed

Risk scores

CVSS 4.0

Type: Secondary
Base score: 9.3
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: CRITICAL

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH

Known exploits

Data from CISA

Vulnerability name: Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Exploit added on: Jul 10, 2025
Exploit action due: Jul 11, 2025
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@citrix.com: CWE-125
nvd@nist.gov: CWE-908
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-457

Social media

Hype score: Not currently trending

  1. CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/CcAYLRVM8U https://t.co/72ncmpwITO

    @AngeloAkamai

    17 Jul 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2025-5777: Citrix NetScaler Memory Leak Exploit, also known as #CitrixBleed2: PoC code has been released. 🔗 https://t.co/X3clYMlnEc This vulnerability affects NetScaler ADC & Gateway devices, and lets an attacker extract sensitive information from memory

    @CriminalIP_KR

    17 Jul 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 A recent attack on Citrix NetScaler flaw (CVE-2025-5777) exploited since Jun 2025, leaking session tokens! #Hoprnet's decentralized VPN hides metadata, blocking such attacks. Secure your network! 🔒 #Cybersecurity #GnosisVPN https://t.co/UjaC7dFHZx https://t.co/sQTjo5kuHo

    @Sawaya2000

    16 Jul 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Warnings escalate as experts report widespread exploitation of Citrix's critical vulnerability CVE-2025-5777, likening it to the earlier CitrixBleed flaw, with attackers rapidly scanning for exposed instances and CISA urging immediate patching. #Cybersec… https://t.co/b3SjAHpeM

    @Cyber_O51NT

    16 Jul 2025

    93 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-5777: Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server https://t.co/HjYgo9hnli

    @ZeroDayFacts

    15 Jul 2025

    37 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Actively exploited CVE : CVE-2025-5777

    @transilienceai

    15 Jul 2025

    26 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. I wrote a PoC exploit for CVE-2025-5777 Citrix NetScaler Memory Leak Severity: CRITICAL ⚠️ https://t.co/DS5Ar851GD https://t.co/2VNpPp0iU2

    @0xr3dhunt

    15 Jul 2025

    101 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises #CISO https://t.co/dg8ayKEC49 https://t.co/VB300Dyjqj

    @compuchris

    15 Jul 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 🔍 #Pentesting 2025: Alert for CVE-2025-5777 in Citrix NetScaler ADC/Gateway. Insufficient validation allows a memory overread in Gateway/AAA configurations. Apply patches now! 📚 Ref: https://t.co/UZOvsZRB8e #Ciberseguridad #ActiveDirectory https://t.co/C34FKDQsSz

    @T1000mex

    15 Jul 2025

    73 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. US CISA warns of CitrixBleed 2 flaw (CVE-2025-5777) in NetScaler ADC & Gateway, enabling attackers to hijack sessions & bypass MFA. Many systems remain unpatched, risking data leakage. #CitrixRisk #NetScaler #US https://t.co/F3tjNo5WBm

    @TweetThreatNews

    14 Jul 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Exploits and technical details of the Citrix Bleed 2 vulnerability have been published PoC exploits for the critical vulnerability Citrix Bleed 2 (CVE-2025-5777) have become publicly available. https://t.co/UAaVAyyyVS https://t.co/4cKKRckaN9

    @RedDogSecurity1

    14 Jul 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/VTQWmHUhEM https://t.co/Iv38fEFK9T

    @Jrenou

    14 Jul 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. ⚠️ CISA Alert: “Citrix Bleed 2” (CVE-2025-5777) ✅ Critical memory leak in Citrix NetScaler ADC/Gateway. ✅ Exposes VPN sessions, bypasses MFA. ✅ PoC exploit public. Patch NOW! #Infosec #ZeroDay https://t.co/3UAcJLRqBU

    @vpnlabel

    14 Jul 2025

    73 Impressions

    3 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/dbnlJWcpeP https://t.co/aSTOn22yCW

    @RaghuNain

    14 Jul 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/meO8kNMJJv https://t.co/uk2zEas1IJ

    @ihuazi

    14 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. csirt_it: La Settimana Cibernetica of 13 July 2025 🔹updates for multiple products 🔹CitrixBleed2: details and mitigations for CVE-2025-5777 affecting Citrix NetScaler ADC and Gateway ⚠️ #EPSS: 🔹Zyxel: CVE-2024-29974 🔹NetScaler: CVE-202… https://t.

    @Vulcanux_

    14 Jul 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. La Settimana Cibernetica of 13 July 2025 🔹updates for multiple products 🔹CitrixBleed2: details and mitigations for CVE-2025-5777 affecting Citrix NetScaler ADC and Gateway ⚠️ #EPSS: 🔹Zyxel: CVE-2024-29974 🔹NetScaler: CVE-2025-5777 🔗 https://t.c

    @csirt_it

    14 Jul 2025

    119 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/WAtGRvEkgs https://t.co/UJvGZDdYYm

    @jroemer87

    14 Jul 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly discovered Citrix NetScaler ADC and Gateway vulnerability, identified as CVE-2025-5777 https://t.co/AAXvjd7SDX

    @CyberSecuriUS

    14 Jul 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Critical vulnerability in Citrix products, "Citrix Bleed 2 (CVE-2025-5777)": CISA orders immediate action #セキュリティ対策Lab #セキュリティ #Security https://t.co/IF9Em1Uuh5

    @securityLab_jp

    14 Jul 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. GitHub - win3zz/CVE-2025-5777: CVE-2025-5777 (CitrixBleed 2) - Critical memory leak vulnerability affecting Citrix NetScaler ADC and Gateway devices https://t.co/UdXXJQuIAE

    @akaclandestine

    13 Jul 2025

    1271 Impressions

    7 Retweets

    16 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  22. CISA added 5 vulns to its Known Exploited Vulnerabilities (KEV) catalog this week: CitrixBleed 2 (CVE-2025-5777) – OOB read in NetScaler ADC. 4 older vulns added July 7: ▪ Zimbra ZCS (CVE-2019-9621) ▪ Rails (CVE-2019-5418) ▪ PHPMailer (CVE-2016-10033) ▪ MRLG (CVE-2014-3

    @cyber_sec_raj

    13 Jul 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. CISA's giving feds ONE DAY to patch CitrixBleed 2 (CVE-2025-5777)! This flaw in Citrix NetScaler ADC & Gateway is already being exploited. One day?! That's harsh, even for government IT. Guess someone's weekend is shot. https://t.co/uinax3a8DN

    @pixincreate

    13 Jul 2025

    60 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 📌 CISA adds critical Citrix NetScaler ADC and Gateway flaw (CVE-2025-5777) to KEV catalog. Vulnerability actively exploited. #CyberSecurity #Citrix https://t.co/YaNJeXuVxv https://t.co/NoixzuRqeU

    @CyberHub_blog

    12 Jul 2025

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. OKAY, HERE'S THE RAGE BAIT TWEET YOU REQUESTED: ARE YOU KIDDING ME WITH THIS CITRIX BLEED 2 NONSENSE? CISA IS GIVING AGENCIES ONE DAY TO PATCH CVE-2025-5777? ONE DAY?! WHAT ABOUT THE REST OF US PEONS? THIS IS WHY WE CAN'T HAVE NICE THINGS. I'M GOING BACK TO ABACUSES AND STONE htt

    @pixincreate

    12 Jul 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. This week, cybersecurity faces alarming challenges with critical vulnerabilities being actively exploited, including CitrixBleed 2 (CVE-2025-5777). These threats impact various infrastructures globally, leading to increased security costs and broader implications for businesses a

    @PrinceMakabula

    12 Jul 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Four suspects linked to Scattered Spider and DragonForce ransomware were arrested in the UK, affecting major retailers like M&S, Co-op, and Harrods with losses up to £440M. Urgent updates needed for CVEs CVE-2025-47812 & CVE-2025-5777. ⚠️ #UK #Ransomware https://t.co

    @TweetThreatNews

    12 Jul 2025

    120 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CISA just dropped a new meme: Citrix NetScaler CVE-2025-5777 is here to ruin your 9-5 💀🖥️ #GetWrecked 🚨🔥 https://t.co/Abge9rcnwk

    @TechTrendEcho

    12 Jul 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. Actively exploited CVE : CVE-2025-5777

    @transilienceai

    12 Jul 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  30. CVE-2025-5777 Exposes Citrix NetScaler to Dangerous Memory Leak Attacks https://t.co/2i8gmxTPdv https://t.co/17Upyx0XvV

    @RigneySec

    11 Jul 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. CISA orders federal agencies to patch Citrix Bleed 2 (CVE-2025-5777) within 24 hours. Active exploitation by ransomware gangs puts sensitive data at risk. Immediate action needed to mitigate threat! ⚠️ #NetScaler #US #Vulnerability https://t.co/gyL0xTwsQm

    @TweetThreatNews

    11 Jul 2025

    41 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨 Critical #CVE-2025-5777 Vulnerability in Citrix NetScaler ADC: What It Means for Your Security Posture https://t.co/k7ryCZ7jBv

    @UndercodeNews

    11 Jul 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. #exploit 1⃣ CVE-2025-5959: Type Confusion in V8 in Google Chrome - https://t.co/YlFKlI5woW 2⃣ CVE-2025-47812: Wing FTP Server RCE Exploit - https://t.co/QIMvUFvKEI 3⃣ SailPoint IQService - RCE via Default Encryption Key - https://t.co/sl0odlvVQ5 4⃣ CVE-2025-5777 (Cit

    @ksg93rd

    11 Jul 2025

    2623 Impressions

    19 Retweets

    71 Likes

    47 Bookmarks

    0 Replies

    0 Quotes

  34. In a rare move, CISA gave federal agencies just one day to patch Citrix Netscaler bug CVE-2025-5777 Patch ASAP #CitrixBleed2 #2Citrix2Bloody https://t.co/YLrwmmlbdL

    @jgreigj

    11 Jul 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🚨 CISA just added Citrix NetScaler CVE-2025-5777 to its KEV Catalog! Active exploits are targeting enterprises. Patch immediately! #Cybersecurity #CVEAlert https://t.co/d1SIjFdVlU

    @xcybersecnews

    11 Jul 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 🚨 The US CISA has added a new critical flaw in Citrix NetScaler ADC and NetScaler Gateway to its catalog of Known Exploited Vulnerabilities (KEV). The vulnerability CVE-2025-5777 (CVSS score: 9.3), which has earned the nickname Citrix Bleed 2, consists of insufficient va

    @AlefSecurity

    11 Jul 2025

    71 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  37. CVE-2025-5777 (Citrix Bleed 2) allowed memory data to be leaked via the authentication endpoint; repeatedly sending login without a '=' value leaked portions of uninitialized memory, making it possible to extract tokens and credentials.

    @hashtagsec

    11 Jul 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. CVE-2025-5777 : Citrix NetScaler Memory Leak Exploit (CitrixBleed 2) PoC https://t.co/JVdsYJFFBJ https://t.co/rP5Lej304x

    @freedomhack101

    11 Jul 2025

    62 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  39. 🚨 "CitrixBleed 2" vulnerability (CVE-2025-5777) under widespread exploitation - over 200,000 scanning attempts detected. Critical pre-auth flaw in Citrix NetScaler devices leaks memory containing session tokens, passwords & config data. Affects ADC and Gateway devices. h

    @threatcluster

    11 Jul 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. 🚨 CVE-2025-5777: Critical memory overread in Citrix NetScaler ADC/Gateway 🚨 Insufficient input validation on VPN/ICA/RDP Proxy & AAA servers CVSS 9.3 | EPSS 2.91 Full report & mitigation 👉 https://t.co/nv0kuV268T #CyberSecurity #CVE #ThreatIntel https://t.co

    @BaseFortify

    11 Jul 2025

    63 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. CVE-2025-5777 : Citrix NetScaler Memory Leak Exploit (CitrixBleed 2) https://t.co/OJCJhLzsQj https://t.co/ROPrTYD5GI

    @cyber_advising

    11 Jul 2025

    1891 Impressions

    7 Retweets

    29 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  42. CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/NDUWO5kry8 https://t.co/pu2nai3PEd

    @ArminBolenius

    11 Jul 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. CVE-2025-5777 becomes latest target in ongoing Citrix exploitation wave #DataBreach #Risk Full Story 👉 https://t.co/p2fDmyij7h https://t.co/SSLd3U7njR

    @CSec88

    11 Jul 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises https://t.co/hCmSzfbgnZ https://t.co/Lxuh05Nu0m

    @talentxfactor

    11 Jul 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. 📌 The US Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability in Citrix NetScaler ADC and Gateway to its list of known exploited vulnerabilities. The vulnerability CVE-2025-5777, the

    @Cybercachear

    11 Jul 2025

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises https://t.co/284YkCvj6y

    @TheCyberSecHub

    11 Jul 2025

    1015 Impressions

    9 Retweets

    9 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  47. CISA adds the Citrix NetScaler vulnerability CVE-2025-5777 to its KEV catalog due to active exploitation targeting businesses. 👉 https://t.co/mNcEV2SPKo https://t.co/A84LpbIj5y

    @EnigmaSecurity_

    11 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. 🔍 CISA has added the Citrix NetScaler vulnerability CVE-2025-5777 to its KEV catalog due to active exploitation targeting businesses. 🚨 👉 https://t.co/mNcEV2SPKo https://t.co/QwQXFnPsMI

    @EnigmaSecurity_

    11 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises https://t.co/yMBJ6Rdsst https://t.co/F27C4rKtZS

    @RigneySec

    11 Jul 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

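  50. CVE-2025-5777 has been added to KEV. What is different from usual about this vulnerability is that it was announced today and the remediation deadline is tomorrow. I suppose the United States, as a nation, judges the risk to be high. https://t.co/gV8NG4g8qj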

    @shojiueda

    11 Jul 2025

    101 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations