Recent security alerts highlight a critical security vulnerability impacting Citrix NetScaler ADC and Citrix NetScaler Gateway products, identified as CVE-2025-5777 and being referred to as CitrixBleed 2. Reports indicate potential active exploitation of this flaw is occurring in the wild. This poses a significant risk to organizations using affected versions.
Security researchers have observed activity suggesting attackers are beginning to target this vulnerability. The CitrixBleed 2 vulnerability could allow attackers to bypass authentication, hijack sessions, or gain unauthorized access to sensitive information and internal networks. Given the high potential for immediate impact, this is considered a severe threat. Organizations using Citrix NetScaler ADC or Citrix NetScaler Gateway are urged to take immediate action. Consult the official security advisories from the vendor and apply the necessary security updates or mitigation measures without delay. Proactively addressing this critical vulnerability through urgent patching is essential to protect against potential attacks leveraging CVE-2025-5777. Failure to patch leaves systems exposed to active exploitation.
Source: https://www.helpnetsecurity.com/2025/06/30/citrixbleed-2-might-be-actively-exploited-cve-2025-5777/
