PT-2025-25651 · Citrix · Citrix NetScaler ADC +1
Jdoe +1 · Published 2025-06-17 · Updated 2025-07-17 · CVE-2025-5777
Score: 10 (Critical)
Base vector (CVSSv2): AV:N/AC:L/Au:N/C:C/I:C/A:C
**Name of the Vulnerable Software and Affected Versions:**
Citrix NetScaler ADC and NetScaler Gateway 14.1 before 14.1-43.56
Citrix NetScaler ADC and NetScaler Gateway 13.1 before 13.1-58.32
Citrix NetScaler ADC 13.1-FIPS and 13.1-NDcPP before 13.1-37.235-FIPS and NDcPP
Citrix NetScaler ADC 12.1-FIPS before 12.1-55.328-FIPS
NetScaler ADC and NetScaler Gateway 12.1 and 13.0 (non-FIPS) are end of life and receive no fix.
**Description:**
Citrix NetScaler ADC and NetScaler Gateway contain an out-of-bounds read caused by insufficient input validation. An unauthenticated remote attacker can read appliance memory and may recover sensitive data from it, including session tokens, and use those tokens to hijack user sessions. The flaw is reachable only when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server. Dubbed "CitrixBleed 2" for its resemblance to the 2023 CitrixBleed flaw (CVE-2023-4966), CVE-2025-5777 was exploited in the wild before a public proof-of-concept exploit was released. Over 1,200 Internet-exposed appliances were identified as potentially vulnerable at the time of writing.
**Recommendations:**
Citrix NetScaler ADC and NetScaler Gateway 14.1: upgrade to 14.1-43.56 or later.
Citrix NetScaler ADC and NetScaler Gateway 13.1: upgrade to 13.1-58.32 or later.
Citrix NetScaler ADC 13.1-FIPS and 13.1-NDcPP: upgrade to 13.1-37.235 or later.
Citrix NetScaler ADC 12.1-FIPS: upgrade to 12.1-55.328 or later.
Appliances on end-of-life 12.1 or 13.0 builds have no fix and must be migrated to a supported release.
After every appliance in an HA pair or cluster has been upgraded, terminate all active ICA and PCoIP sessions so that sessions hijacked with stolen tokens do not survive the patch (from the NetScaler CLI: `kill icaconnection -all` and `kill pcoipConnection -all`). Upgrading alone does not invalidate tokens that were leaked beforehand.
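A quick way to apply the version guidance above across a fleet is to compare each appliance's reported build against the minimum fixed build for its branch, treating end-of-life branches as unfixable. The following Python is an added example written for this page, not Citrix code: the fixed-build table is taken from the recommendations above, the version strings it is fed are constructed samples, and the `show version` line format ("NetScaler NS14.1: Build 43.56.nc, ...") is an assumption about the appliance CLI output.

```python
"""Classify a NetScaler ADC / Gateway build against the CVE-2025-5777 fixes.

Added example for this page, not Citrix code. Fixed builds come from the
Recommendations section above; every version string below is a constructed
sample, and the 'show version' line layout is an assumption.
"""
import re

# Minimum fixed build per (release branch, FIPS/NDcPP build) pair.
# Branches absent from this table (12.1 and 13.0 non-FIPS) are end of life
# and have no fixed build at all.
FIXED_BUILDS = {
    ("14.1", False): (43, 56),
    ("13.1", False): (58, 32),
    ("13.1", True): (37, 235),
    ("12.1", True): (55, 328),
}

# Matches '14.1-43.56', '13.1-37.235-FIPS' and 'NetScaler NS14.1: Build 43.56.nc'.
_VERSION_RE = re.compile(r"(\d+\.\d+)[-:\s]+(?:Build\s+)?(\d+)\.(\d+)")


def parse_version(text):
    """Return (branch, (major, minor), is_fips) from a build string."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError("unrecognised NetScaler version string: %r" % text)
    upper = text.upper()
    is_fips = "FIPS" in upper or "NDCPP" in upper
    return m.group(1), (int(m.group(2)), int(m.group(3))), is_fips


def assess(text):
    """Return a verdict dict for one appliance.

    status is 'patched', 'vulnerable' or 'unsupported' (EOL branch, no fix
    exists; the appliance must be migrated). fixed_build is the minimum
    fixed build for the branch, or None for an unsupported branch.
    """
    branch, build, is_fips = parse_version(text)
    fixed = FIXED_BUILDS.get((branch, is_fips))
    if fixed is None:
        status = "unsupported"
    elif build >= fixed:          # tuple comparison: major first, then minor
        status = "patched"
    else:
        status = "vulnerable"
    return {
        "branch": branch + ("-FIPS" if is_fips else ""),
        "build": "%d.%d" % build,
        "fixed_build": ("%d.%d" % fixed) if fixed else None,
        "status": status,
    }


if __name__ == "__main__":
    # Constructed sample inputs: two CLI-style lines and two bare build strings.
    for sample in (
        "NetScaler NS14.1: Build 43.56.nc, Date: Jun 10 2025",
        "NetScaler NS13.1: Build 51.15.nc, Date: Apr 1 2025",
        "13.1-37.235-FIPS",
        "13.0-92.21",
    ):
        print(sample, "->", assess(sample))
```

Feed it the first line of `show version` from each appliance, or the build string from an inventory system. A status of `unsupported` means the branch has no fix and the appliance must be migrated; `patched` says nothing about whether the post-upgrade session termination has been carried out, which still has to be tracked separately.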
Tags: Exploit · Fix · DoS · Out-of-bounds Read (CWE-125) · Use of Uninitialized Resource (CWE-908)
Related Identifiers
Affected Products
References · 382
- https://github.com/win3zz/CVE-2025-5777 (9 stars) · Exploit
- https://bdu.fstec.ru/vul/2025-07142 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2025-5777 · Security Note
- https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420 · Security Note, Vendor Advisory
- https://twitter.com/xcybersecnews/status/1943689255085109327 · Twitter Post
- https://twitter.com/cybertzar/status/1937375547945844820 · Twitter Post
- https://twitter.com/wvipersg/status/1935601916794335449 · Twitter Post
- https://t.me/c/1129491012/128387 · Telegram Post
- https://twitter.com/transilienceai/status/1939913037802348695 · Twitter Post
- https://t.me/c/1322172467/1168 · Telegram Post
- https://twitter.com/vpnlabel/status/1944293138677547492 · Twitter Post
- https://twitter.com/CyberSecuriUS/status/1944575713690177909 · Twitter Post
- https://twitter.com/Strivehawk/status/1942560283123187841 · Twitter Post
- https://twitter.com/DCICyberSecNews/status/1944771006490407311 · Twitter Post
- https://twitter.com/pigram86/status/1943542834235072757 · Twitter Post