CitrixBleed 2 - Geek Feed

Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug

August 15, 2025August 15, 2025 geekfeed0Tagged Actively Exploited, Citrix, CitrixBleed 2, CitrixBleed2, CVE-2025-5777, Netscaler, vulnerability

Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. Tracked as CVE-2025-5777 and referred to as CitrixBleed 2, this out-of-bounds memory read vulnerability results from insufficient input validation, enabling unauthenticated attackers to access restricted memory regions remotely […]

2 mins read

Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks

July 20, 2025July 20, 2025 geekfeed0Tagged Actively Exploited, Citrix, Citrix Bleed 2, CitrixBleed 2, CVE-2025-5777, Session, vulnerability

A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed “CitrixBleed 2,” was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. GreyNoise has confirmed its honeypots detected targeted exploitation from IP addresses located in China on June 23, 2025. “GreyNoise has observed […]

5 mins read

New ‘CitrixBleed 2’ NetScaler flaw let hackers hijack sessions

June 28, 2025June 28, 2025 geekfeed0Tagged Citrix, Citrix ADC, Citrix Bleed, Citrix Gateway, CitrixBleed, CitrixBleed 2, CVE-2025-5777, Information Disclosure, vulnerability

A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed “CitrixBleed 2,” after its similarity to an older exploited flaw that allowed unauthenticated attackers to hijack authentication session cookies from vulnerable devices. Last week, Citrix published a security bulletin warning about flaws tracked as CVE-2025-5777 and CVE-2025-5349 that impact NetScaler ADC and Gateway versions before 14.1-43.56, releases before […]

3 mins read