Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability
securityweek
The recently patched Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild, based on evidence uncovered by cybersecurity firm ReliaQuest.
Citrix informed customers about CVE-2025–5777 in an advisory published on June 17, saying that this critical vulnerability affecting NetScaler ADC and NetScaler Gateway could lead, in certain cases, to a memory overread.
The advisory initially said the vulnerability impacted the NetScaler management interface, but references to the management interface were removed shortly after and Citrix clarified that NetScaler instances are vulnerable when configured as a gateway for remote access or an AAA virtual server.
As security researcher Kevin Beaumont explained in a blog post, this apparently minor change made the vulnerability more serious as the management interface should typically not be exposed to the internet, but NetScaler is often configured for remote access in major organizations.
Beaumont warned that over 50,000 ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE