Up next on the KEV? All signs point to 'CitrixBleed 2'
Briefly

Citrix has patched a serious vulnerability (CVE-2025-5777) in its NetScaler ADC and NetScaler Gateway products that is already drawing comparisons to the earlier CitrixBleed flaw. Rated CVSS 9.3, it can be triggered remotely without authentication and leaks memory from the appliance, including session tokens; an attacker who replays a stolen token can hijack an authenticated session and sidestep multi-factor authentication. The bug is only reachable when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN or RDP Proxy) or as an AAA virtual server, which is exactly how most internet-facing NetScalers are deployed. Security analysts are urging organizations to upgrade affected builds now rather than wait, since exploitation in the wild is expected imminently. Citrix has stressed that deployments still running end-of-life releases have no fix available and must move to a supported version.
Organizations should treat the Citrix vulnerability as a potential IT incident, as exploitation in the wild is expected to occur eventually.
The flaw, CVE-2025-5777, is an out-of-bounds memory read caused by insufficient input validation. It lets an unauthenticated attacker pull sensitive data, including live session tokens, out of appliance memory and replay them to bypass multi-factor authentication.
Kevin Beaumont dubbed the vulnerability 'CitrixBleed 2', drawing a parallel with the original CitrixBleed flaw, which likewise allowed attackers to impersonate authenticated users via leaked session tokens.
Citrix has explicitly stated that the end-of-life 12.1 and 13.0 releases are vulnerable and will not receive a fix; customers running them are advised to upgrade to a supported build.
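The first question on any NetScaler estate is simply "which builds are we running, and are they below the fixed ones?" The following checker is an added example, not code from The Register, Citrix or the original page: it parses the version banner a NetScaler prints (the `NS14.1: Build 43.50.nc` form seen in `show ns version` output) and compares it against the fixed builds from Citrix's bulletin for CVE-2025-5777 as they stood in June 2025 (14.1-43.56, 13.1-58.32, 13.1-FIPS/NDcPP 37.235, 12.1-FIPS 55.328, with 12.1 and 13.0 end of life). Those thresholds, the `fips` flag and the sample banners are assumptions of this example; verify the numbers against the live bulletin before relying on them. It goes slightly beyond the text by treating any unrecognised branch as vulnerable, the safe default for an inventory script.

```python
import re
from dataclasses import dataclass

# Fixed builds per Citrix's bulletin for CVE-2025-5777 as of June 2025 (assumed
# here; confirm against the current bulletin). Keyed by (branch, is_fips_build).
FIXED_BUILDS = {
    ("14.1", False): (43, 56),
    ("13.1", False): (58, 32),
    ("13.1", True): (37, 235),   # 13.1-FIPS and 13.1-NDcPP
    ("12.1", True): (55, 328),   # 12.1-FIPS
}

# Branches Citrix has declared end of life: vulnerable, no fix will ship.
END_OF_LIFE = {"12.1", "13.0"}

# Matches e.g. "NetScaler NS14.1: Build 43.50.nc, Date: ..." (format assumed).
VERSION_RE = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+)\.(\d+)")


@dataclass
class Verdict:
    branch: str
    build: tuple
    vulnerable: bool
    reason: str


def parse_version(banner):
    """Extract (branch, (major_build, minor_build)) from a NetScaler version banner."""
    m = VERSION_RE.search(banner)
    if not m:
        raise ValueError("unrecognised NetScaler version banner: %r" % banner)
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def assess(banner, fips=False):
    """Decide whether the appliance described by `banner` still needs the CVE-2025-5777 fix.

    `fips=True` selects the FIPS/NDcPP build line, which has its own fixed builds.
    Unknown branches are reported as vulnerable so an inventory never silently
    passes a box nobody has looked at.
    """
    branch, build = parse_version(banner)
    if branch in END_OF_LIFE and not fips:
        return Verdict(branch, build, True,
                       "end-of-life branch, no fix available; migrate to a supported release")
    fixed = FIXED_BUILDS.get((branch, fips))
    if fixed is None:
        return Verdict(branch, build, True,
                       "branch/build line not in the fixed-build table; treat as vulnerable until confirmed")
    if build < fixed:                     # tuple comparison: (43, 50) < (43, 56)
        return Verdict(branch, build, True,
                       "build predates fixed build %d.%d" % fixed)
    return Verdict(branch, build, False, "fixed build or later")


if __name__ == "__main__":
    # Constructed sample banners, not captured from real appliances.
    samples = [
        ("NetScaler NS14.1: Build 43.50.nc, Date: May 12 2025", False),
        ("NetScaler NS14.1: Build 43.56.nc, Date: Jun 17 2025", False),
        ("NetScaler NS13.0: Build 92.21.nc, Date: Feb 3 2024", False),
        ("NetScaler NS13.1: Build 37.235.nc, Date: Jun 17 2025", True),
    ]
    for banner, fips in samples:
        v = assess(banner, fips=fips)
        print("%s%s build %d.%d -> %s (%s)" % (
            v.branch, "-FIPS" if fips else "", v.build[0], v.build[1],
            "VULNERABLE" if v.vulnerable else "fixed", v.reason))
```

Run it against the banners you collect from each appliance (or adapt `parse_version` to the API's `nsversion` field). Note that a clean verdict only means the bug is closed going forward: tokens leaked before the upgrade remain valid until the sessions that issued them are torn down, so Citrix's bulletin also recommends terminating existing ICA and PCoIP sessions after patching.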
Read at The Register