CVE-2025-5777 - Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability

Project: Citrix

Product: NetScaler ADC and Gateway

Date Added: 2025-07-10

Due Date: 2025-07-11

Vulnerability Name

Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability

Description

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420

https://nvd.nist.gov/vuln/detail/CVE-2025-5777

Related News Articles

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch - July 11, 2025