NAVANEM
CVE-2025-5777 - exploited in the wild

Citrix NetScaler ADC & Gateway, out-of-bounds memory read (CitrixBleed 2)

Insufficient input validation in Citrix NetScaler ADC and Gateway causes a memory over-read when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server. An unauthenticated remote attacker can send crafted requests that leak uninitialized memory in the response, frequently exposing valid session tokens and enabling session hijacking and multi-factor authentication bypass.

Overview

CVE-2025-5777, dubbed "CitrixBleed 2", is a critical out-of-bounds memory read affecting Citrix NetScaler ADC and NetScaler Gateway. When the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server, an unauthenticated remote attacker can repeatedly leak chunks of uninitialized process memory in HTTP responses. Those leaks frequently contain live session tokens, which let the attacker hijack authenticated sessions and bypass multi-factor authentication. It is the successor to the 2023 "CitrixBleed" (CVE-2023-4966), which was abused the same way, and was confirmed exploited in the wild within weeks of the June 17, 2025 advisory.

Technical Details

The flaw stems from insufficient input validation: a malformed authentication request reaches a code path that copies more memory into the response than the request supplied. NetScaler reflects uninitialized memory back in the response body, and each request returns a fresh slice, so an attacker who simply repeats the request harvests whatever happens to be resident at the time, including valid NSC_AAAC session cookies and other secrets. No account or credential is needed to trigger the leak. Because the harvested tokens belong to sessions that have already passed authentication, presenting one lets the attacker resume a fully authenticated session without credentials or an MFA challenge.

Citrix rates the issue CVSS 4.0 9.3 (Critical). NVD's CVSS 3.1 base score is 7.5 (High), because that vector credits only the confidentiality impact of the read itself (C:H/I:N/A:N), but the practical consequence, session theft on an internet-facing VPN, is severe.

Impact

  • Session hijacking: Stolen tokens grant authenticated access to internal applications behind the gateway.
  • MFA bypass: Hijacked sessions are already past the MFA challenge.
  • Credential and secret exposure: Leaked memory can contain additional sensitive material.
  • Foothold for lateral movement: NetScaler sits at the network edge with reach into internal resources.

Mitigation

  1. Patch immediately to NetScaler ADC & Gateway 14.1-43.56, 13.1-58.32, NetScaler ADC 13.1-FIPS/13.1-NDcPP 13.1-37.235, or NetScaler ADC 12.1-FIPS 12.1-55.328 (or later builds of the same branch). Build numbers are only comparable within a branch: 13.1-FIPS 13.1-37.235 is fixed even though its number is lower than 13.1-58.32.
  2. The non-FIPS 12.1 branch and the 13.0 branch are End of Life and receive no fix; upgrade them to a supported branch.
  3. After every node in the HA pair or cluster is on a fixed build, terminate all active ICA and PCoIP sessions (kill icaconnection -all, kill pcoipConnection -all). Patching alone does not invalidate sessions that were already established, so any token harvested before the upgrade stays usable until this step is done.
  4. Rotate secrets reachable from the appliance and review authentication logs for anomalous session reuse.
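A worked check for steps 1 to 3, added here as an example and not Citrix tooling: it parses a NetScaler build string, compares it against the fixed builds listed above for its branch and edition, flags the End of Life branches, and reports whether every node of an HA pair or cluster is patched (the point at which the session-kill commands should run). The fixed builds are the ones in the list; the (branch, edition) keys, the EOL rule, the helper names and the sample build strings are this example's own assumptions.

```python
"""Check a NetScaler ADC/Gateway build string against the CVE-2025-5777 fixed builds.

Added example, not Citrix tooling. The fixed builds are the ones in the mitigation
steps; the (branch, edition) keys, the EOL rule and the helper names are this
example's own construction (assumption).
"""
import re
from typing import Iterable, Tuple

# Minimum fixed build per (branch, edition). 12.1 non-FIPS and 13.0 are End of Life
# and have no fixed build, so they are deliberately absent from this table.
FIXED_BUILDS = {
    ("14.1", "standard"): "14.1-43.56",
    ("13.1", "standard"): "13.1-58.32",
    ("13.1", "fips"):     "13.1-37.235",   # 13.1-FIPS and 13.1-NDcPP share this build
    ("12.1", "fips"):     "12.1-55.328",
}

_BUILD_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")


def parse_build(build: str) -> Tuple[int, int, int, int]:
    """'14.1-43.56' -> (14, 1, 43, 56); raises ValueError on anything else."""
    m = _BUILD_RE.match(build.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler build string: {build!r}")
    major, minor, build_no, sub = (int(x) for x in m.groups())
    return major, minor, build_no, sub


def assess(build: str, edition: str = "standard") -> str:
    """Return 'patched', 'vulnerable' or 'eol'.

    edition is 'standard', 'fips' or 'ndcpp' (NDcPP is treated as FIPS). The caller
    must supply it: the build string alone cannot distinguish the 13.1 and 13.1-FIPS
    lines, and their fixed build numbers differ (58.32 vs 37.235).
    """
    edition = "fips" if edition.lower() in ("fips", "ndcpp") else "standard"
    major, minor, build_no, sub = parse_build(build)
    branch = f"{major}.{minor}"
    if branch == "13.0" or (branch, edition) == ("12.1", "standard"):
        return "eol"
    fixed = FIXED_BUILDS.get((branch, edition))
    if fixed is None:
        raise ValueError(f"no fix information for {branch} ({edition})")
    # Build numbers are only comparable within one branch/edition line.
    return "patched" if (build_no, sub) >= parse_build(fixed)[2:] else "vulnerable"


def ready_to_kill_sessions(nodes: Iterable[Tuple[str, str, str]]) -> bool:
    """True only when every node (name, build, edition) of an HA pair or cluster is
    patched. The post-patch ICA/PCoIP session termination should run only at that
    point, since a stolen token stays valid until the sessions are killed."""
    return all(assess(build, edition) == "patched" for _, build, edition in nodes)


if __name__ == "__main__":
    # Constructed build strings for illustration, not an inventory of real builds.
    for build, edition in [("14.1-43.56", "standard"), ("13.1-37.235", "standard"),
                           ("13.1-37.235", "fips"), ("13.0-92.31", "standard")]:
        print(f"{build:14} {edition:9} {assess(build, edition)}")
```

The standard-vs-FIPS ambiguity is the edge case worth noticing: a 13.1 appliance reporting 13.1-37.235 is patched if it is the FIPS/NDcPP line and exposed if it is the standard line, so pull the edition from the appliance (or from inventory) rather than guessing it from the version string.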

Detection

  • Hunt for a single session token used from multiple, geographically inconsistent source IPs: a change of country or ASN mid-session is the signal, not a mere change of address, which mobile and NAT clients do legitimately.
  • Look for bursts of malformed POST requests to authentication endpoints (/p/u/doAuthentication.do) from a single source; the leak is harvested by repetition, so request volume is the tell.
  • Review NetScaler logs for unexpected session re-use going back at least to the disclosure date (June 17, 2025); CISA added the CVE to the Known Exploited Vulnerabilities catalog on July 10, 2025.
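The first two hunts above, run over constructed log lines, as an added example that is not part of the original advisory or any NetScaler tooling. It flags session tokens seen from more than one country and source IPs that burst POSTs at /p/u/doAuthentication.do. The key=value log format, the sample traffic, the IP-to-country table and the burst threshold are all this example's own assumptions; adapt the parser to what your proxy or SIEM actually emits.

```python
"""Hunt access logs for the two CitrixBleed 2 indicators: one session token seen
from geographically inconsistent source IPs, and bursts of POSTs to
/p/u/doAuthentication.do from one source.

Added example, not NetScaler tooling. The log format, sample traffic, GEO table and
thresholds are assumptions made for this example.
"""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, Iterable, List

AUTH_PATH = "/p/u/doAuthentication.do"
BURST_COUNT = 20                        # assumed threshold: this many auth POSTs ...
BURST_WINDOW = timedelta(seconds=60)    # ... from one source inside this window

# Constructed IP -> country table standing in for a real GeoIP lookup (assumption).
GEO = {"198.51.100.20": "DE", "198.51.100.21": "DE", "203.0.113.5": "BR"}


def _line(ts: datetime, src: str, method: str, path: str, session: str) -> str:
    return f"{ts:%Y-%m-%dT%H:%M:%SZ} src={src} method={method} path={path} session={session}"


def build_sample_log() -> List[str]:
    """Constructed traffic (not real): a normal login, a benign user roaming between
    two same-country addresses, a burst of auth POSTs from one IP, and that IP then
    replaying the first user's session token."""
    t0 = datetime(2025, 6, 20, 10, 0, 0)
    lines = [
        _line(t0, "198.51.100.20", "POST", AUTH_PATH, "-"),
        _line(t0 + timedelta(seconds=5), "198.51.100.20", "GET", "/vpn/index.html", "tokA"),
        _line(t0 + timedelta(minutes=1), "198.51.100.21", "GET", "/vpn/index.html", "tokB"),
        _line(t0 + timedelta(minutes=2), "198.51.100.20", "GET", "/vpn/index.html", "tokB"),
    ]
    for i in range(30):   # 30 POSTs in 30 seconds: one harvesting burst
        lines.append(_line(t0 + timedelta(minutes=3, seconds=i), "203.0.113.5", "POST", AUTH_PATH, "-"))
    lines.append(_line(t0 + timedelta(minutes=4), "203.0.113.5", "GET", "/vpn/index.html", "tokA"))
    return lines


def parse(lines: Iterable[str]) -> List[dict]:
    """Parse the key=value lines into dicts with a datetime under 'ts'."""
    records = []
    for line in lines:
        ts, *fields = line.split()
        rec = dict(f.split("=", 1) for f in fields)
        rec["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
        records.append(rec)
    return records


def token_reuse(records: Iterable[dict]) -> Dict[str, Dict[str, List[str]]]:
    """Session tokens seen from more than one country -> {token: {country: [ips]}}.
    Keying on country rather than raw IP keeps mobile/NAT roaming out of the result."""
    seen: Dict[str, Dict[str, set]] = defaultdict(lambda: defaultdict(set))
    for r in records:
        if r["session"] != "-":
            seen[r["session"]][GEO.get(r["src"], "??")].add(r["src"])
    return {tok: {c: sorted(ips) for c, ips in by_country.items()}
            for tok, by_country in seen.items() if len(by_country) > 1}


def auth_bursts(records: Iterable[dict]) -> Dict[str, int]:
    """Sources that POST to AUTH_PATH at least BURST_COUNT times within BURST_WINDOW,
    mapped to their peak count in any window (sliding two-pointer scan)."""
    times: Dict[str, List[datetime]] = defaultdict(list)
    for r in records:
        if r["method"] == "POST" and r["path"] == AUTH_PATH:
            times[r["src"]].append(r["ts"])
    hits = {}
    for src, ts in times.items():
        ts.sort()
        lo, peak = 0, 0
        for hi in range(len(ts)):
            while ts[hi] - ts[lo] > BURST_WINDOW:
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak >= BURST_COUNT:
            hits[src] = peak
    return hits


if __name__ == "__main__":
    recs = parse(build_sample_log())
    print("auth bursts:", auth_bursts(recs))
    print("token reuse:", token_reuse(recs))
```

On the sample, the roaming user (tokB, two addresses in the same country) is not reported, while tokA is flagged because it was presented from a second country by the same source that produced the POST burst. In production the two hits should be correlated: a burst source that later presents a token it never authenticated for is a much stronger signal than either indicator alone.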
