A newly identified vulnerability, CVE-2025-5777, in Citrix NetScaler ADC and Gateway appliances poses a major security threat, scoring 9.3 on the CVSS scale. Dubbed Citrix Bleed 2, this flaw allows attackers to hijack authenticated sessions and circumvent multifactor authentication by stealing session tokens from memory. Although no public exploitations are reported yet, analysts at ReliaQuest note evidence of ongoing attacks, urging organizations to patch their systems swiftly and terminate active sessions to prevent further risks.
While no public reporting of exploitation for this vulnerability has emerged, ReliaQuest has observed indications of exploitation to gain initial access.
Citrix recommends patching affected systems to the latest versions and terminating active sessions to mitigate session hijacking and further risks.
Collection
[
|
...
]