Detections
Analytics

CVE-2025-6543

critical

Description

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

From the Tenable Blog

CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation
CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation

Published: 2025-06-27

Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, including CVE-2025-5777 known as CitrixBleed 2.

References

https://www.databreachtoday.com/attackers-now-scanning-extensively-for-citrix-bleed-2-a-28959

https://thehackernews.com/2025/07/cisa-adds-citrix-netscaler-cve-2025.html

https://www.databreachtoday.com/attackers-actively-exploit-citrix-bleed-2-vulnerability-a-28907

https://thehackernews.com/2025/07/cisa-adds-four-critical-vulnerabilities.html

https://horizon3.ai/attack-research/attack-blogs/cve-2025-5777-citrixbleed-2-write-up-maybe/

https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/

https://www.bleepingcomputer.com/news/security/citrix-warns-of-login-issues-after-netscaler-auth-bypass-patch/

https://www.securityweek.com/thousands-of-citrix-netscaler-instances-unpatched-against-exploited-vulnerabilities/

https://www.helpnetsecurity.com/2025/06/30/citrixbleed-2-might-be-actively-exploited-cve-2025-5777/

https://www.bleepingcomputer.com/news/security/over-1-200-citrix-servers-unpatched-against-critical-auth-bypass-flaw/

https://securityaffairs.com/179476/hacking/u-s-cisa-adds-citrix-netscaler-flaw-to-its-known-exploited-vulnerabilities-catalog.html

https://www.securityweek.com/evidence-suggests-exploitation-of-citrixbleed-2-vulnerability/

https://www.infosecurity-magazine.com/news/citrixbleed-2-vulnerability/

https://www.securityweek.com/critical-citrix-netscaler-flaw-exploited-as-zero-day/

https://reliaquest.com/blog/threat-spotlight-citrix-bleed-2-vulnerability-in-netscaler-adc-gateway-devices/

https://www.theregister.com/2025/06/25/citrix_netscaler_critical_bug_exploited/

https://www.bleepingcomputer.com/news/security/citrix-warns-of-netscaler-vulnerability-exploited-in-dos-attacks/

https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html

https://cyberscoop.com/citrix-zero-day-netscaler/

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788

Details

Source: Mitre, NVD

Published: 2025-06-25

Updated: 2025-07-01

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

CVSS v4

Base Score: 9.2

Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Severity: Critical

EPSS

EPSS: 0.03542

Vulnerability Watch

Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.

Vulnerability of Interest