THREAT OPS › CVEs › CVE-2025-5777
CVE-2025-5777 — Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
Vulnerability details
- Affected productsNetScaler ADC and Gateway
- KEV remediation due2025-07-11
Related reporting
- CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451)watchtowr
- CitrixBleed 2 (CVE-2025-5777) 7Steps to Dragonforce Ransomware | Huntresshuntress
- Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2)watchtowr
- The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread)watchtowr