Critical Citrix NetScaler vulnerability leaks memory data
Briefly

CVE-2025-5777, known as CitrixBleed2, is a critical vulnerability affecting Citrix NetScaler ADC and Gateway devices. Malformed login requests cause the device to read uninitialized memory, which lets attackers extract sensitive session data unimpeded. The flaw stems from insecure input handling with the snprintf function, so each malformed request discloses memory contents in the response. Despite Citrix's claims of no active exploitation, evidence suggests that malicious actors are actively targeting this vulnerability to take over sessions.
Researchers from watchTowr and Horizon3.ai warn that the CitrixBleed2 vulnerability allows attackers to steal sensitive session data with simple login requests.
The vulnerability permits attackers to read memory content directly by sending malicious POST requests during login without any authentication.
The insecure handling of input allows uninitialized memory data to be leaked, enabling attackers to collect sensitive information undetected.
CitrixBleed2 is similar to CVE-2023-4966, which was used in 2023 by ransomware groups for session takeover and network infiltration.
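
The bug class described above, as an added C example that is not NetScaler code and not taken from the researchers' write-ups: a handler formats a buffer with snprintf even when parsing failed, next to a hardened version. The `user=` field, the function names and the reused scratch buffer (a stand-in for uninitialized memory) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 64

/* Constructed model: a scratch buffer reused across requests stands in for
 * memory that still holds data from earlier work. Not NetScaler code. */
static char scratch[FIELD_MAX];

/* Copy the value of the hypothetical "user=" field into out. Returns 1 on
 * success; returns 0 and leaves out untouched if the field is absent. */
static int parse_user(const char *body, char *out, size_t outlen)
{
    const char *p = strstr(body, "user=");
    if (p == NULL)
        return 0;
    p += strlen("user=");
    size_t n = strcspn(p, "&");
    if (n >= outlen)
        n = outlen - 1;
    memcpy(out, p, n);
    out[n] = '\0';
    return 1;
}

/* Flawed: ignores the parse result, so a malformed request echoes whatever
 * the buffer held before. */
int reply_flawed(const char *body, char *resp, size_t resplen)
{
    parse_user(body, scratch, sizeof scratch);
    return snprintf(resp, resplen, "<user>%s</user>", scratch);
}

/* Hardened: zero-initialised local buffer, parse failure rejected,
 * snprintf truncation treated as an error. */
int reply_hardened(const char *body, char *resp, size_t resplen)
{
    char field[FIELD_MAX] = {0};
    if (!parse_user(body, field, sizeof field))
        return -1;
    int n = snprintf(resp, resplen, "<user>%s</user>", field);
    if (n < 0 || (size_t)n >= resplen)
        return -1;
    return n;
}
```

In the flawed handler, a request without the field returns the value left behind by the previous request; the hardened handler rejects it before anything is formatted.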
Read at Techzine Global