CVE-2025-5777
Published Jun 17, 2025
Last updated 3 days ago
AI description
CVE-2025-5777 is a vulnerability affecting NetScaler ADC and NetScaler Gateway. It is caused by insufficient input validation, which leads to a memory overread. The vulnerability can be exploited on devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. An unauthorized attacker could potentially grab valid session tokens from the memory of internet-facing NetScaler devices by sending a malformed request. Successful exploitation could allow the attacker to gain access to the appliances.
- Description
- Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
- Source
- secure@citrix.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
- Exploit added on
- Jul 10, 2025
- Exploit action due
- Jul 11, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/CcAYLRVM8U https://t.co/72ncmpwITO
@AngeloAkamai
17 Jul 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-5777: Citrix NetScaler Memory Leak Exploit 일명 #CitrixBleed2, PoC 코드가 공개되었습니다. 🔗 https://t.co/X3clYMlnEc 이번 취약점은 NetScaler ADC & Gateway 장비에 영향을 미치며,공격자가 민감 정보를 메모리에서 추출할
@CriminalIP_KR
17 Jul 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A recent attack on Citrix NetScaler flaw (CVE-2025-5777) exploited since Jun 2025, leaking session tokens! #Hoprnet's decentralized VPN hides metadata, blocking such attacks. Secure your network! 🔒 #Cybersecurity #GnosisVPN https://t.co/UjaC7dFHZx https://t.co/sQTjo5kuHo
@Sawaya2000
16 Jul 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warnings escalate as experts report widespread exploitation of Citrix's critical vulnerability CVE-2025-5777, likening it to the earlier CitrixBleed flaw, with attackers rapidly scanning for exposed instances and CISA urging immediate patching. #Cybersec… https://t.co/b3SjAHpeM
@Cyber_O51NT
16 Jul 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5777: Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server https://t.co/HjYgo9hnli
@ZeroDayFacts
15 Jul 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5777
@transilienceai
15 Jul 2025
26 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
I wrote a PoC exploit for CVE-2025-5777 Citrix NetScaler Memory Leak Severity: CRITICAL ⚠️ https://t.co/DS5Ar851GD https://t.co/2VNpPp0iU2
@0xr3dhunt
15 Jul 2025
101 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises #CISO https://t.co/dg8ayKEC49 https://t.co/VB300Dyjqj
@compuchris
15 Jul 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 #Pentesting 2025: Alerta CVE-2025-5777 en Citrix NetScaler ADC/Gateway. Validación insuficiente permite sobrelectura de memoria en configuraciones Gateway/AAA. ¡Aplica parches ya! 📚 Ref: https://t.co/UZOvsZRB8e #Ciberseguridad #ActiveDirectory[](https://t.co/C34FKDQsSz)
@T1000mex
15 Jul 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
US CISA warns of CitrixBleed 2 flaw (CVE-2025-5777) in NetScaler ADC & Gateway, enabling attacker's to hijack sessions & bypass MFA. Many systems remain unpatched, risking data leakage. #CitrixRisk #NetScaler #US https://t.co/F3tjNo5WBm
@TweetThreatNews
14 Jul 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploits and technical details of the Citrix Bleed 2 vulnerability have been published PoC exploits for the critical vulnerability Citrix Bleed 2 (CVE-2025-5777) have become publicly available. https://t.co/UAaVAyyyVS https://t.co/4cKKRckaN9
@RedDogSecurity1
14 Jul 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/VTQWmHUhEM https://t.co/Iv38fEFK9T
@Jrenou
14 Jul 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CISA Alert: “Citrix Bleed 2” (CVE-2025-5777) ✅ Critical memory leak in Citrix NetScaler ADC/Gateway. ✅ Exposes VPN sessions, bypasses MFA. ✅ PoC exploit public. Patch NOW! #Infosec #ZeroDay https://t.co/3UAcJLRqBU
@vpnlabel
14 Jul 2025
73 Impressions
3 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/dbnlJWcpeP https://t.co/aSTOn22yCW
@RaghuNain
14 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/meO8kNMJJv https://t.co/uk2zEas1IJ
@ihuazi
14 Jul 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: La Settimana Cibernetica del 13 luglio 2025 🔹aggiornamenti per molteplici prodotti 🔹CitrixBleed2: dettagli e mitigazioni per la CVE-2025-5777 relativa a Citrix NetScaler ADC e Gateway ⚠️ #EPSS: 🔹Zyxel: CVE-2024-29974 🔹NetScaler: CVE-202… https://t.
@Vulcanux_
14 Jul 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
La Settimana Cibernetica del 13 luglio 2025 🔹aggiornamenti per molteplici prodotti 🔹CitrixBleed2: dettagli e mitigazioni per la CVE-2025-5777 relativa a Citrix NetScaler ADC e Gateway ⚠️ #EPSS: 🔹Zyxel: CVE-2024-29974 🔹NetScaler: CVE-2025-5777 🔗 https://t.c
@csirt_it
14 Jul 2025
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/WAtGRvEkgs https://t.co/UJvGZDdYYm
@jroemer87
14 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly discovered Citrix NetScaler ADC and Gateway vulnerability, identified as CVE-2025-5777 https://t.co/AAXvjd7SDX
@CyberSecuriUS
14 Jul 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix製品の重大な脆弱性「Citrix Bleed 2(CVE-2025-5777)」、CISAが即時対応を通達 #セキュリティ対策Lab #セキュリティ #Security https://t.co/IF9Em1Uuh5
@securityLab_jp
14 Jul 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - win3zz/CVE-2025-5777: CVE-2025-5777 (CitrixBleed 2) - Critical memory leak vulnerability affecting Citrix NetScaler ADC and Gateway devices https://t.co/UdXXJQuIAE
@akaclandestine
13 Jul 2025
1271 Impressions
7 Retweets
16 Likes
6 Bookmarks
0 Replies
0 Quotes
CISA added 5 vulns to its Known Exploited Vulnerabilities (KEV) catalog this week: CitrixBleed 2 (CVE-2025-5777) – OOB read in NetScaler ADC. 4 older vulns added July 7: ▪ Zimbra ZCS (CVE-2019-9621) ▪ Rails (CVE-2019-5418) ▪ PHPMailer (CVE-2016-10033) ▪ MRLG (CVE-2014-3
@cyber_sec_raj
13 Jul 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA's giving feds ONE DAY to patch CitrixBleed 2 (CVE-2025-5777)! This flaw in Citrix NetScaler ADC & Gateway is already being exploited. One day?! That's harsh, even for government IT. Guess someone's weekend is shot. https://t.co/uinax3a8DN
@pixincreate
13 Jul 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 CISA adds critical Citrix NetScaler ADC and Gateway flaw (CVE-2025-5777) to KEV catalog. Vulnerability actively exploited. #CyberSecurity #Citrix https://t.co/YaNJeXuVxv https://t.co/NoixzuRqeU
@CyberHub_blog
12 Jul 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OKAY, HERE'S THE RAGE BAIT TWEET YOU REQUESTED: ARE YOU KIDDING ME WITH THIS CITRIX BLEED 2 NONSENSE? CISA IS GIVING AGENCIES ONE DAY TO PATCH CVE-2025-5777? ONE DAY?! WHAT ABOUT THE REST OF US PEONS? THIS IS WHY WE CAN'T HAVE NICE THINGS. I'M GOING BACK TO ABACUSES AND STONE htt
@pixincreate
12 Jul 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This week, cybersecurity faces alarming challenges with critical vulnerabilities being actively exploited, including CitrixBleed 2 (CVE-2025-5777). These threats impact various infrastructures globally, leading to increased security costs and broader implications for businesses a
@PrinceMakabula
12 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Four suspects linked to Scattered Spider and DragonForce ransomware were arrested in the UK, affecting major retailers like M&S, Co-op, and Harrods with losses up to £440M. Urgent updates needed for CVEs CVE-2025-47812 & CVE-2025-5777. ⚠️ #UK #Ransomware https://t.co
@TweetThreatNews
12 Jul 2025
120 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA just dropped a new meme: Citrix NetScaler CVE-2025-5777 is here to ruin your 9-5 💀🖥️ #GetWrecked 🚨🔥 https://t.co/Abge9rcnwk
@TechTrendEcho
12 Jul 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5777
@transilienceai
12 Jul 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5777 Exposes Citrix NetScaler to Dangerous Memory Leak Attacks https://t.co/2i8gmxTPdv https://t.co/17Upyx0XvV
@RigneySec
11 Jul 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA orders federal agencies to patch Citrix Bleed 2 (CVE-2025-5777) within 24 hours. Active exploitation by ransomware gangs puts sensitive data at risk. Immediate action needed to mitigate threat! ⚠️ #NetScaler #US #Vulnerability https://t.co/gyL0xTwsQm
@TweetThreatNews
11 Jul 2025
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical #CVE-2025-5777 Vulnerability in Citrix NetScaler ADC: What It Means for Your Security Posture https://t.co/k7ryCZ7jBv
@UndercodeNews
11 Jul 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1⃣ CVE-2025-5959: Type Confusion in V8 in Google Chrome - https://t.co/YlFKlI5woW 2⃣ CVE-2025-47812: Wing FTP Server RCE Exploit - https://t.co/QIMvUFvKEI 3⃣ SailPoint IQService - RCE via Default Encryption Key - https://t.co/sl0odlvVQ5 4⃣ CVE-2025-5777 (Cit
@ksg93rd
11 Jul 2025
2623 Impressions
19 Retweets
71 Likes
47 Bookmarks
0 Replies
0 Quotes
In a rare move, CISA gave federal agencies just one day to patch Citrix Netscaler bug CVE-2025-5777 Patch ASAP #CitrixBleed2 #2Citrix2Bloody https://t.co/YLrwmmlbdL
@jgreigj
11 Jul 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA just added Citrix NetScaler CVE-2025-5777 to its KEV Catalog! Active exploits are targeting enterprises. Patch immediately! #Cybersecurity #CVEAlert https://t.co/d1SIjFdVlU
@xcybersecnews
11 Jul 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Americká CISA přidala do katalogu známých zneužívaných zranitelností (KEV) novou kritickou chybu v Citrix NetScaler ADC a NetScaler Gateway. Zranitelnost CVE-2025-5777 (CVSS score: 9.3), která si vysloužila přezdívku Citrix Bleed 2, spočívá v nedostatečné va
@AlefSecurity
11 Jul 2025
71 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5777 (Citrix Bleed 2) permitia leakar dados de memória via endpoint de autenticação; enviar login sem valor de '=' repetidas vezes vazava porções de memória não inicializada, possibilitando extrair tokens e credenciais.
@hashtagsec
11 Jul 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5777 : Citrix NetScaler Memory Leak Exploit (CitrixBleed 2) PoC https://t.co/JVdsYJFFBJ https://t.co/rP5Lej304x
@freedomhack101
11 Jul 2025
62 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 "CitrixBleed 2" vulnerability (CVE-2025-5777) under widespread exploitation - over 200,000 scanning attempts detected. Critical pre-auth flaw in Citrix NetScaler devices leaks memory containing session tokens, passwords & config data. Affects ADC and Gateway devices. h
@threatcluster
11 Jul 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-5777: Critical memory overread in Citrix NetScaler ADC/Gateway 🚨 Insufficient input validation on VPN/ICA/RDP Proxy & AAA servers CVSS 9.3 | EPSS 2.91 Full report & mitigation 👉 https://t.co/nv0kuV268T #CyberSecurity #CVE #ThreatIntel https://t.co
@BaseFortify
11 Jul 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5777 : Citrix NetScaler Memory Leak Exploit (CitrixBleed 2) https://t.co/OJCJhLzsQj https://t.co/ROPrTYD5GI
@cyber_advising
11 Jul 2025
1891 Impressions
7 Retweets
29 Likes
13 Bookmarks
0 Replies
0 Quotes
CitrixBleed is back and it’s leaking sensitive data again. Here’s what you need to know about CVE-2025-5777. @Akamai https://t.co/NDUWO5kry8 https://t.co/pu2nai3PEd
@ArminBolenius
11 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5777 becomes latest target in ongoing Citrix exploitation wave #DataBreach #Risk Full Story 👉 https://t.co/p2fDmyij7h https://t.co/SSLd3U7njR
@CSec88
11 Jul 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises https://t.co/hCmSzfbgnZ https://t.co/Lxuh05Nu0m
@talentxfactor
11 Jul 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أضافت وكالة الأمن السيبراني والبنية التحتية الأمريكية (CISA) ثغرة أمنية حرجة في Citrix NetScaler ADC وGateway إلى قائمة الثغرات المعروفة المستغلة. الثغرة CVE-2025-5777، ال
@Cybercachear
11 Jul 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises https://t.co/284YkCvj6y
@TheCyberSecHub
11 Jul 2025
1015 Impressions
9 Retweets
9 Likes
1 Bookmark
0 Replies
0 Quotes
CISA incluye la vulnerabilidad CVE-2025-5777 de Citrix NetScaler en su catálogo KEV debido a explotaciones activas dirigidas a empresas. 👉 https://t.co/mNcEV2SPKo https://t.co/A84LpbIj5y
@EnigmaSecurity_
11 Jul 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 CISA has added the Citrix NetScaler vulnerability CVE-2025-5777 to its KEV catalog due to active exploitation targeting businesses. 🚨 👉 https://t.co/mNcEV2SPKo https://t.co/QwQXFnPsMI
@EnigmaSecurity_
11 Jul 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises https://t.co/yMBJ6Rdsst https://t.co/F27C4rKtZS
@RigneySec
11 Jul 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5777がKEVに登録されました。 この脆弱性がいつもと違うのは、今日発表されて対応期限が明日までということです。 アメリカ国家としてリスクが高いと判断しているのでしょうね。 https://t.co/gV8NG4g8qj
@shojiueda
11 Jul 2025
101 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D907BEC2-6930-4989-A6E1-847B4763BB12",
"versionEndExcluding": "12.1-55.328",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AF5A6EE-84A9-42AA-BC4B-7C3367D08CAF",
"versionEndExcluding": "13.1-37.235",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E219F46B-FCBE-4DA2-9094-6ED128E8AF66",
"versionEndExcluding": "13.1-37.235",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48A64F62-2A5A-40CB-A507-A48497BD749A",
"versionEndExcluding": "13.1-58.32",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6484AA47-81F8-4EE6-9F33-96DEFE2F66E1",
"versionEndExcluding": "14.1-43.56",
"versionStartIncluding": "14.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C86D66F-888F-4519-B700-9ADC4EE6913C",
"versionEndExcluding": "13.1-58.32",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4E61FAA-9EAB-4F9B-887F-C5DC0DA0C633",
"versionEndExcluding": "14.1-43.56",
"versionStartIncluding": "14.1"
}
],
"operator": "OR"
}
]
}
]