
CVE-2025-5777

Citrix NetScaler ADC And Gateway · In the wild · In CISA KEV

What is CVE-2025-5777?

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

CVSS: awaiting NVD
Exploitation: In the wild · In CISA KEV
EPSS: 100% · P100
Triage status: Active Exploit
Action: Patch immediately

Timeline

  • 2025-07-10: Added to the CISA Known Exploited Vulnerabilities (KEV) catalog
  • 2025-07-11: CISA federal remediation deadline (BOD 22-01)
  • 2026-07-03: First covered in a defend.network daily briefing

CISA Known Exploited Vulnerability

Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability

Added to KEV: 2025-07-10
Federal patch deadline: 2025-07-11
Known ransomware use: Known

Affected product

Citrix NetScaler ADC And Gateway

Remediation Steps

  1. Update Citrix NetScaler ADC and Gateway systems to the latest patched version
  2. Review network access logs for evidence of Citrix Bleed 2 exploitation
  3. Monitor for suspicious Remote Monitoring and Management (RMM) tool usage
  4. Enforce multi-factor authentication and credential controls to limit lateral movement impact


🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.
