How severe is CVE-2025-5777?

CVE-2025-5777 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-5777

Name: netscaler_application_delivery_controller
Author: citrix

7.5HIGH

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

게시됨: 6/17/2025업데이트됨: 10/30/2025

CISA 알려진 악용 취약점

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

필요한 조치:

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

마감일:

2025-07-11

알려진 랜섬웨어 사용

설명

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

AI 분석AI 기반

영향받는 제품

citrixnetscaler_application_delivery_controller

citrixnetscaler_gateway

CISA 알려진 악용 취약점

설명

AI 분석AI 기반

영향받는 제품

사용 가능한 익스플로잇 (1)

Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure

참조