Citrix Bleed 2: Analysis and Mitigation

CVE-2025-5777 revived the memory-leak pattern that broke NetScaler in 2023. Here is what the 2025 variant does, who is exploiting it, and how to respond.

Nayan Dey
Senior Security Engineer
4 min read

On June 17, 2025, Citrix disclosed CVE-2025-5777, an out-of-bounds read in NetScaler ADC and Gateway that leaks process memory, including session tokens, in response to a malformed authentication request. Security researchers quickly dubbed it "Citrix Bleed 2" because the primitive and the impact rhyme with CVE-2023-4966, the original Citrix Bleed that fueled the Boeing, Comcast Xfinity, and Allen & Overy breaches in late 2023. By July 7, ReliaQuest reported observed exploitation in the wild with at least 11 confirmed victim organizations, and Shadowserver was scanning 56,000 internet-facing NetScaler instances, of which 42% remained on vulnerable builds. The parallels to 2023 are uncomfortable, and so is the fact that many of the same organizations are on the list again. Here is the technical picture and a practical response path.

What is the actual vulnerability in CVE-2025-5777?

CVE-2025-5777 is an insufficient input validation issue in the NetScaler authentication endpoint that, when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server, allows an unauthenticated attacker to read uninitialized stack memory. Each malformed POST to /p/u/doAuthentication.do returns a variable-length slice of leaked memory. Citrix assigned it CVSS 9.3 and rated it Critical. The disclosed fixed builds are NetScaler ADC and Gateway 14.1-43.56, 13.1-58.32, and 13.1-FIPS 13.1-37.235-FIPS. NetScaler 12.1 and 13.0 are end-of-life and will not receive patches.

How are attackers weaponizing the leak?

They are hunting for valid session cookies and using them to hijack authenticated Gateway sessions, bypassing MFA entirely. In a post-exploitation report published July 15, 2025, researchers documented roughly 250 leak requests per minute from a single attacker IP against one victim before a usable NSC_AAAC cookie was obtained. Once hijacked, the session inherits the original user's VPN posture, after which attackers have pivoted to Active Directory reconnaissance, Veeam backup servers, and ESXi hypervisors, the same playbook seen with CVE-2023-4966. At least one ransomware affiliate cluster tracked as "Pioneer Kitten"-adjacent has been linked to Citrix Bleed 2 access-broker sales on Russian-language forums.

Who is most exposed in July 2025?

Organizations running NetScaler as an external Gateway that have delayed patch cycles, particularly those on 13.1 non-FIPS builds older than 58.32 and 14.1 builds older than 43.56. Shadowserver's July 20 snapshot showed Germany, the United States, France, and the United Kingdom leading exposure counts, with healthcare, higher education, and legal services disproportionately represented, consistent with the 2023 victim profile. FIPS customers on 12.1-FIPS remain in the worst position because no patched build exists; Citrix's guidance is to decommission or migrate.
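Added example (not Citrix's or this article's code): a build check that encodes the fixed and end-of-life thresholds quoted above, usable as the deployment-gate rule the article argues for. It assumes version strings arrive either as "14.1-43.56" / "13.1-37.235-FIPS" or in the "show ns version" style "NetScaler NS14.1: Build 43.56.nc" (the latter form is an assumption); the hostnames and builds in the sample inventory are constructed.

```python
import re

# Fixed builds from the Citrix advisory as quoted in the article:
# key (major train, is_fips) -> minimum fixed build as a comparable tuple.
FIXED_BUILDS = {
    ("14.1", False): (43, 56),
    ("13.1", False): (58, 32),
    ("13.1", True): (37, 235),
}
EOL_MAJORS = {"12.1", "13.0"}  # end-of-life trains; no patch will be issued

# Accepts '14.1-43.56', '13.1-37.235-FIPS' and (assumed format) 'NetScaler NS13.1: Build 58.32.nc'.
_VERSION_RE = re.compile(
    r"(\d+\.\d+)[-: ]+(?:Build\s+)?(\d+)\.(\d+)(?:\.\w+)?(-FIPS)?", re.IGNORECASE
)

def parse_build(text):
    """Return (major, (build, minor), is_fips) for a NetScaler version string."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised NetScaler version string: {text!r}")
    major, build, minor, fips_suffix = m.groups()
    is_fips = bool(fips_suffix) or "FIPS" in text.upper()
    return major, (int(build), int(minor)), is_fips

def assess(version_text):
    """Classify a build for CVE-2025-5777: 'eol', 'vulnerable', 'fixed' or 'unknown'."""
    major, build, is_fips = parse_build(version_text)
    if major in EOL_MAJORS:
        return "eol"
    fixed = FIXED_BUILDS.get((major, is_fips))
    if fixed is None:
        return "unknown"  # train not covered by the advisory: escalate, do not assume safe
    return "fixed" if build >= fixed else "vulnerable"

def deployment_gate(inventory):
    """Return the hosts a deployment gate should block: everything not 'fixed'."""
    return sorted(host for host, ver in inventory.items() if assess(ver) != "fixed")

# Constructed sample inventory (hostnames and builds are made up for illustration).
SAMPLE_INVENTORY = {
    "gw-eu1": "NetScaler NS14.1: Build 43.50.nc",
    "gw-eu2": "14.1-43.56",
    "gw-us1": "13.1-58.32",
    "gw-fips": "13.1-37.207-FIPS",
    "gw-legacy": "12.1-55.300",
}
```

Treat "unknown" as a block, not a pass, since a train the advisory does not name has no stated fixed build.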

What response actions actually work?

Patching alone is insufficient because session tokens exfiltrated before patching remain valid. The effective sequence is upgrade, then invalidate, then hunt.

# On NetScaler after upgrading:
kill icaconnection -all
kill pcoipConnection -all
kill aaa session -all
kill rdp connection -all
clear lb persistentSessions

Then rotate any secrets that traversed the Gateway, search web logs for POSTs to /p/u/doAuthentication.do with anomalous body lengths, and review NSPPE core dumps for indicators. CISA added CVE-2025-5777 to the Known Exploited Vulnerabilities catalog on July 10, 2025, with a federal remediation deadline of July 31.
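Added example (not from the article or Citrix): a hunt over web access logs for the POST pattern described above, bucketing requests to /p/u/doAuthentication.do per source IP and minute and flagging bursts or widely varying response sizes, since a benign login returns a stable-size page while leak responses vary in length. It assumes Common Log Format lines from a proxy or log forwarder in front of the Gateway, which the article does not specify; the sample log is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

AUTH_PATH = "/p/u/doAuthentication.do"
# Common Log Format line (assumed source format); the last field is the response size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

def parse_line(line):
    """Parse one CLF line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    return rec

def hunt(lines, rate_per_minute=60, distinct_sizes=3):
    """Group POSTs to the auth endpoint by (client IP, minute); return the buckets
    whose request count or number of distinct response sizes crosses a threshold."""
    buckets = defaultdict(lambda: {"count": 0, "sizes": set()})
    for line in lines:
        rec = parse_line(line)
        if not rec or rec["method"] != "POST" or rec["path"] != AUTH_PATH:
            continue
        key = (rec["ip"], rec["ts"].strftime("%Y-%m-%dT%H:%M"))
        buckets[key]["count"] += 1
        buckets[key]["sizes"].add(rec["size"])
    return {
        key: b for key, b in buckets.items()
        if b["count"] >= rate_per_minute or len(b["sizes"]) >= distinct_sizes
    }

# Constructed sample log: two ordinary logins plus a 250-request burst from one
# source with varying response sizes (all addresses are documentation ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Jul/2025:10:02:05 +0000] "POST /p/u/doAuthentication.do HTTP/1.1" 200 1522',
    '203.0.113.7 - - [14/Jul/2025:10:02:06 +0000] "GET /vpn/index.html HTTP/1.1" 200 8811',
    '203.0.113.9 - - [14/Jul/2025:10:03:12 +0000] "POST /p/u/doAuthentication.do HTTP/1.1" 200 1522',
] + [
    f'198.51.100.23 - - [14/Jul/2025:10:02:{i % 60:02d} +0000] '
    f'"POST {AUTH_PATH} HTTP/1.1" 200 {1400 + (i * 37) % 900}'
    for i in range(250)
]
```

Tune the thresholds to your own baseline of login volume per client; the rate default is deliberately far below the roughly 250 requests per minute reported above.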

How should this change your patching strategy for edge appliances?

Treat internet-facing authentication concentrators as the highest-risk class of software you run and give them an SLA closer to 72 hours than 30 days. Citrix Bleed 2 arrived 20 months after Citrix Bleed 1 in the same code path; assume a third is coming. Inventory NetScaler, Ivanti Connect Secure, Fortinet SSL VPN, Palo Alto GlobalProtect, and F5 BIG-IP APM under a dedicated "edge auth" policy tier, with automatic blocking of known-vulnerable builds at the deployment gate.

How Safeguard Helps

Safeguard tracks NetScaler and other edge appliance components as first-class assets inside product SBOMs, correlates them against KEV and EPSS feeds in real time, and raises a finding the moment a build falls below the fixed-version threshold. Policy gates can block deployment of configurations that include end-of-life 12.1 or 13.0 builds. When a CVE like 2025-5777 lands, customers can query every product that exposes a NetScaler Gateway, generate a prioritized remediation plan with session-kill and rotation steps, and ship a CSAF VEX statement to downstream consumers, all from the same dashboard.