The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed that CVE-2025-5777, referred to as CitrixBleed 2 because of its resemblance to the 2023 CitrixBleed flaw, is being actively exploited to hijack user sessions. The agency added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing significant risk to federal enterprises. The critical bug carries a CVSS score of 9.3 and allows remote, unauthenticated attackers to read sensitive information from device memory, including session tokens. Citrix issued a fix for the flaw on June 17; researchers then warned that exploitation was likely, and by July multiple public exploits had emerged, underscoring the severity of the issue. Because a leaked token can be replayed until the session it belongs to ends, Citrix's guidance is to terminate all active ICA and PCoIP sessions after upgrading, since patching alone does not invalidate sessions that have already been stolen.
CISA added the critical security flaw CVE-2025-5777, known as CitrixBleed 2, to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation.
CitrixBleed 2, rated CVSS 9.3, allows remote, unauthenticated attackers to read sensitive information such as session tokens from NetScaler ADC and NetScaler Gateway appliances configured as a Gateway or AAA virtual server.