What is CVE-2025-5777?
Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Timeline
- 2025-07-10Added to the CISA Known Exploited Vulnerabilities (KEV) catalog
- 2025-07-11CISA federal remediation deadline (BOD 22-01)
- 2026-07-03First covered in a defend.network daily briefing
CISA Known Exploited Vulnerability
Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Affected product
Citrix NetScaler ADC And Gateway
Remediation Steps
- Patch Citrix systems to the latest patched version
- Review network access logs for evidence of Citrix Bleed 2 exploitation
- Monitor for suspicious Remote Management and Monitoring (RMM) tool usage
- Enforce multi-factor authentication and credential controls to limit lateral movement impact
References
Referenced in our briefings & reports
- Vulnerability Priority Report – Week 5 of June 2026 (June 29 – July 5)
- NetNut seized; Citrix Bleed 2 exploited; ToddyCat hijacks Gmail via OAuth (2026-07-03)
Browse all tracked CVEs in the defend.network CVE database →
🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.