Over 1,200 unpatched Citrix NetScaler appliances are vulnerable to a critical flaw (CVE-2025-5777) that could allow attackers to hijack user sessions and bypass multi-factor authentication. Security experts warn that the flaw is actively being exploited in targeted attacks, emphasizing the need for immediate patching and secure configuration. #CitrixBleed2 #CVE2025-5777
Key points
- Over 1,200 Citrix NetScaler appliances remain unpatched against a critical vulnerability.
- The CVE-2025-5777 flaw allows attackers to hijack sessions and access sensitive data.
- The vulnerability, which is being exploited in targeted attacks, lets attackers bypass multi-factor authentication.
- Citrix has recommended immediate updates and session termination to prevent exploitation.
- Security analysts observed signs of ongoing exploitation, including session hijacking activities.