Citrix Bleed 2 (CVE-2025-5777) is a critical vulnerability in NetScaler ADC and Gateway, which is now believed to be actively exploited by attackers to hijack sessions and access sensitive data. Security updates and session management are essential to mitigate this threat. #CitrixBleed2 #NetScalerVulnerability
Keypoints
- Citrix Bleed 2 is a high-severity out-of-bounds memory read flaw affecting NetScaler devices.
- Attackers can exploit this vulnerability to steal session tokens, credentials, and bypass MFA.
- Recent activity indicates targeted attacks involving session hijacking and Active Directory reconnaissance.
- Citrix recommends updating to the latest firmware versions and reviewing active sessions for suspicious activity.
- Immediate mitigation includes terminating hijacked sessions and restricting external access via network controls.