Attackers Actively Exploit 'Citrix Bleed 2' Vulnerability
bankinfosecurityCitrix Issues Patches to Counter Active Attacks Against Two Critical Vulnerabilities Mathew J. Schwartz (euroinfosec) • July 7, 2025

Administrators of Citrix Netscaler devices should immediately patch their devices to fix two actively exploited vulnerabilities. One, dubbed Citrix Bleed 2, can be abused by hackers to bypass multifactor authentication, hijack user sessions and gain unauthorized access to the equipment.
See Also: Cyber Hygiene and Asset Management Perception vs. Reality
The vulnerabilities are present in customer-managed NetScaler ADC, formerly Citrix ADC and NetScaler Gateway, formerly Citrix Gateway devices that customers manage themselves.
Citrix on June 17 released a patch to fix a critical vulnerability in NetScaler ADC and NetScaler Gateway 14.1, 13.1 and NetScaler ADC 13.1-FIPS and NDcPP," tracked as CVE-2025-5777, with a CVSS score of 9.2. After patching, Citrix said administrators must terminate all active ICA and PCoIP sessions.
The company said "NetScaler ADC and ...
Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE