CitrixBleed 2 exploits on the loose as orgs slow to patch
Briefly

CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway, carries a CVSS score of 9.3. The flaw is an out-of-bounds memory read: a remote, unauthenticated attacker can pull sensitive data, including valid session tokens, out of memory on appliances configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server. With a stolen token an attacker can bypass multi-factor authentication and hijack an already-authenticated user session. Citrix shipped fixed builds on June 17, 2025, but a significant share of exposed appliances still have not been upgraded, leaving them open to the same kind of mass exploitation seen with the original CitrixBleed flaw (CVE-2023-4966) in 2023. Upgrading alone does not invalidate tokens that were already leaked; Citrix's guidance is to terminate active ICA and PCoIP sessions after the upgrade (kill icaconnection -all and kill pcoipConnection -all) so that any hijacked sessions are closed.
CVE-2025-5777 stems from insufficient input validation and lets remote, unauthenticated attackers read memory contents from NetScaler appliances configured as a Gateway or AAA virtual server.
Because that memory can contain live session tokens, the practical risk is multi-factor authentication bypass and hijacking of authenticated user sessions on critical systems, not merely information disclosure.
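The article's point is that the patch exists but many appliances are still on vulnerable builds. The following is an added example, not code from The Register or from Citrix: a small Python check that parses the version banner printed by `show ns version` and compares it against the minimum fixed build for each release branch. The fixed-build table is transcribed from Citrix's bulletin for CVE-2025-5777 as I recall it and must be verified against the current bulletin before use; the banner strings in the inventory are constructed sample input, not real hosts.

```python
import re

# Minimum fixed builds per release branch for CVE-2025-5777.
# Assumption: transcribed from the Citrix security bulletin; verify against
# the current bulletin before relying on this table.
FIXED_BUILDS = {
    "14.1": (43, 56),
    "13.1": (58, 32),
    "13.1-FIPS": (37, 235),
    "13.1-NDcPP": (37, 235),
    "12.1-FIPS": (55, 328),
}

# Branches Citrix lists as end-of-life: no fix is available, so any
# appliance still running them must be treated as vulnerable.
EOL_BRANCHES = {"12.1", "13.0"}

# Matches banners such as "NetScaler NS14.1: Build 43.50.nc, Date: ..."
# and variant banners such as "NetScaler NS13.1-FIPS: Build 37.200.nc".
_VERSION_RE = re.compile(
    r"NS(\d+\.\d+)(?:[-\s]?(FIPS|NDcPP))?:?\s*Build\s+(\d+)\.(\d+)"
)


def parse_ns_version(banner):
    """Return (branch, (build_major, build_minor)) from a 'show ns version'
    banner, or None if the line does not look like one."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    release, variant, major, minor = m.groups()
    branch = f"{release}-{variant}" if variant else release
    return branch, (int(major), int(minor))


def assess(banner):
    """Classify one banner as 'patched', 'vulnerable' or 'unknown'."""
    parsed = parse_ns_version(banner)
    if parsed is None:
        return "unknown"
    branch, build = parsed
    if branch in EOL_BRANCHES:
        return "vulnerable"          # end-of-life: no fixed build exists
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return "unknown"             # branch not in the table: check manually
    # Tuple comparison orders (major, minor) numerically, so 43.56 > 43.50
    # and 44.1 > 43.56, which a string comparison would get wrong.
    return "patched" if build >= fixed else "vulnerable"


def hosts_needing_action(inventory):
    """Return sorted host names whose banner is vulnerable or unrecognised."""
    return sorted(h for h, b in inventory.items() if assess(b) != "patched")


# Constructed sample inventory (hostnames and banners are made up).
SAMPLE_INVENTORY = {
    "gw-east-1": "NetScaler NS14.1: Build 43.50.nc, Date: May 29 2025, 11:02:13   (64-bit)",
    "gw-east-2": "NetScaler NS14.1: Build 43.56.nc, Date: Jun 10 2025, 09:41:55   (64-bit)",
    "gw-west-1": "NetScaler NS13.1: Build 58.32.nc, Date: Jun 10 2025, 09:44:02   (64-bit)",
    "gw-legacy":  "NetScaler NS13.0: Build 92.21.nc, Date: Oct 14 2024, 14:20:31   (64-bit)",
    "gw-fips-1":  "NetScaler NS13.1-FIPS: Build 37.200.nc, Date: Feb 03 2025, 08:12:40   (64-bit)",
}

if __name__ == "__main__":
    for host, banner in SAMPLE_INVENTORY.items():
        print(f"{host:10s} {assess(banner)}")
    print("needs action:", hosts_needing_action(SAMPLE_INVENTORY))
```

A host that comes back `patched` is not necessarily clean: tokens leaked before the upgrade remain valid until the sessions holding them are terminated, so the upgrade should be followed by killing active ICA and PCoIP sessions, and the check above should be run against every appliance in the estate rather than a sample.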
Read at The Register