CVE-2025-5349

Name of the Vulnerable Software and Affected Versions Citrix NetScaler Application Delivery Controller (formerly Citrix ADC) and Citrix NetScaler Gateway (formerly Citrix Gateway)

Description Improper access control exists on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway. This allows a remote attacker to impact the confidentiality, integrity, and availability of protected information. This issue is actively exploited and raises significant security concerns similar to the "CitrixBleed" crisis in 2023, potentially leading to widespread breaches. The vulnerability involves improper access control on the management interface, potentially allowing unauthorized users to gain access to sensitive areas and make unauthorized changes or cause data breaches.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.