CYFIRMA Research: CVE-2025-5777– Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)

Update: 2025-07-21

Description

Critical Alert: CVE-2025-5777 – Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)!

Organizations relying on Citrix NetScaler ADC and Gateway for secure remote access must act immediately. This newly uncovered vulnerability allows unauthenticated attackers to leak sensitive memory—including session tokens—by sending malformed authentication requests.

Exploited in the wild and backed by public PoC code, this flaw enables session hijacking, MFA bypass, and potential lateral movement inside enterprise networks. Given its low complexity and global attack surface, CVE-2025-5777 is a high-priority threat for critical sectors like government, finance, and telecom.
Apply patches, terminate active sessions, restrict exposure, and monitor for abnormal authentication flows!

Link to the Research Report: https://www.cyfirma.com/research/cve-2025-5777-pre-auth-memory-leak-in-citrix-netscaler-citrixbleed-2/

#CyberSecurity #CitrixBleed2 #CVE20255777 #NetScaler #ThreatIntel

#ExternalThreatLandscapeManagement #ZeroTrust #VulnerabilityAlert

#SessionHijack #MFABypass #ETLM #CYFIRMA #CYFIRMAresearch

https://www.cyfirma.com/

Comments

In Channel

CYFIRMA Research- APT36 Campaign Targets Indian Defense BOSS Linux system

2025-08-2903:41

CYFIRMA Research- Lazarus Stealer

2025-08-2904:17

CYFIRMA Research- Android Malware Posing as Indian Bank Apps

2025-08-2808:44

CYFIRMA Research- Raven Stealer

2025-08-1804:00

CYFIRMA Research: EdskManager RAT- Multi-Stage Malware with HVNC and Evasion Capabilities

2025-07-2505:15

CYFIRMA Research: CVE-2025-5777– Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)

2025-07-2105:00

CYFIRMA Research- Octalyn Stealer Unmasked

2025-07-1804:58

CYFIRMA Research- Tracking Ransomware- June 2025

2025-07-1604:54

CYFIRMA Research- RENDERSHOCK- Weaponizing Trust in File Rendering Pipelines

2025-07-1505:58

CYFIRMA Research- GitHub Abused to Spread Malware Disguised as Free VPN

2025-07-1405:19

CYFIRMA Research- Phishing Attack: Deploying Malware on Indian Defense BOSS Linux

2025-07-0803:20

CYFIRMA Research - 12-Day War update

2025-07-0207:40

CYFIRMA Research- Odyssey Stealer

2025-06-2605:26

CYFIRMA Research- APT36 Phishing Campaign Targets Indian Defense Using Credential-Stealing Malware

2025-06-2406:36

CYFIRMA Research- Tracking Ransomware: May 2025

2025-06-1804:04

CYFIRMA Research: Understanding CyberEye RAT Builder- Capabilities and Implications

2025-06-1605:30

CYFIRMA Research: Ukraine's Attack on Russia's Strategic Air Force- Live Feed from Revolution in Military Affairs

2025-06-1308:35

CYFIRMA Research: DuplexSpy RAT- A Stealthy Windows Malware Enabling Full Remote Control and Surveillance

2025-06-1106:14

CYFIRMA Research: Firewalls and Frontlines- The India-Pakistan Cyber Battlefield Crisis

2025-06-0606:47

CYFIRMA Research- Versa Concerto: Understanding and Mitigating CVE-2025-34027

2025-06-0404:27

00:00

CYFIRMA Research: CVE-2025-5777– Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)

#box-pro-ellipsis-175672972602117{-webkit-line-clamp:2;}CYFIRMA Research: CVE-2025-5777– Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)

CYFIRMA Research: CVE-2025-5777– Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)

CYFIRMA

CYFIRMA Research: CVE-2025-5777– Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)