CitrixBleed 2 Flaws Are Officially Here - so Get Patching or Leave Your Systems at Risk

  • Citrix disclosed a critical vulnerability, CVE-2025-5777, known as CitrixBleed 2, affecting NetScaler ADC and Gateway devices in versions 14.1 before 47.46 and 13.1 before 59.19.
  • Security researchers and analysts revealed that this 9.3-severity out-of-bounds read flaw arises from insufficient input validation and resembles the 2023 CitrixBleed vulnerability previously exploited in ransomware attacks.
  • The vulnerability allows attackers to hijack user sessions by extracting sensitive data such as session tokens and credentials, and to bypass multifactor authentication on affected Gateway or AAA virtual servers.
  • ReliaQuest reported active exploitation to gain initial access, while Citrix urges immediate patching and on June 17 warned customers to terminate active sessions and upgrade appliances to block attacks.
  • More than 2,100 appliances remain vulnerable, with a reported exploit price of $70,000 and additional high-severity flaws patched this week, highlighting ongoing risks for IT teams facing multiple critical vulnerabilities.
Insights by Ground AI
cyble.com broke the news on Monday, June 30, 2025.