Citrix users are back in the crosshairs, as a new out-of-bounds read vulnerability, reminiscent of the notorious “Citrix Bleed,” has surfaced with signs already pointing to active exploitation.

The vulnerability, tracked as CVE-2025-5777 and dubbed “Citrix Bleed 2” by researchers, is an insufficient input validation issue affecting Citrix NetScaler ADC and NetScaler Gateway devices that leads to memory overread, as described in a recent Citrix advisory.

According to ReliaQuest research, the flaw might already be allowing attackers to hijack user sessions and bypass MFA authentication. “While no public exploitation of CVE-2025-5777 has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments,” the researchers said in a blog post.

The cybersecurity outfit is urging Citrix customers to patch the affected systems immediately and follow the additional steps outlined by the company to protect against ongoing exploitation.

Token theft via out-of-bounds memory read

The vulnerability, assigned a critical severity rating of CVSS 9.3 out of 10, stems from insufficient input validation, enabling attackers to perform an out-of-bounds memory read on NetScaler devices configured as Gateway or Authentication, Authorization, and Accounting (AAA) virtual servers.

The flaw mirrors the original Citrix Bleed denial-of-service (DoS) vulnerability in that it leaks memory, which previously could be triggered with simple HTTP requests.

Unlike traditional session cookie theft tactics, which include cross-site scripting (XSS) and man-in-the-middle (MITM) attacks, Citrix Bleed 2 targets session tokens, which are often used for APIs and persistent authentication. These tokens can be stolen and reused to bypass MFA and maintain access, even after legitimate users have signed off.

Well-known British cybersecurity researcher and threat analyst Kevin Beaumont colorfully compared the flaw to “Kanye West returning to Twitter,” the same old chaos but louder.

Citrix released patches on June 17 for versions 14.1, 13.1, and equivalent FIPS/NDcPP builds. Versions 12.1 and 13.0 are EOL, and an upgrade is mandatory.

Indications of real-world exploitation

ReliaQuest researchers said that, in multiple incidents, attackers were seen hijacking active Citrix web sessions and bypassing multi-factor authentication (MFA) without requiring user credentials. The research also highlighted “session reuse across multiple IPs, including combinations of expected and suspicious IPs.”
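The “session reuse across multiple IPs” indicator above can be checked in access logs. The following is an added example, not code from ReliaQuest or Citrix: it parses constructed log lines (the `sess=` field and the line layout are assumptions, not NetScaler’s real log format) and reports any session token seen from more than one client address, separating addresses outside a hypothetical list of expected corporate networks.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample access-log lines (not real NetScaler output): time, client IP,
# session token, request. Token aabb11 is replayed from three unrelated addresses.
SAMPLE_LOGS = """\
2025-06-25T09:00:01Z 203.0.113.10 sess=aabb11 POST /cgi/login
2025-06-25T09:05:12Z 203.0.113.10 sess=aabb11 GET /cgi/launch
2025-06-25T09:07:44Z 198.51.100.77 sess=aabb11 GET /cgi/launch
2025-06-25T09:09:03Z 192.0.2.200 sess=aabb11 GET /cgi/launch
2025-06-25T09:10:00Z 203.0.113.55 sess=ccdd22 POST /cgi/login
2025-06-25T09:11:00Z 203.0.113.55 sess=ccdd22 GET /cgi/launch
"""

# Hypothetical "expected" client networks (e.g. corporate egress); anything else is suspicious.
EXPECTED_NETS = [ipaddress.ip_network("203.0.113.0/24")]

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<ip>\S+) sess=(?P<sess>\S+) (?P<req>.+)$")


def parse_events(text):
    """Return a list of (timestamp, ip, session) tuples; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((m["ts"], m["ip"], m["sess"]))
    return events


def is_expected(ip):
    """True if the client address falls inside one of the expected networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in EXPECTED_NETS)


def find_shared_sessions(events, max_ips=1):
    """Map each session token seen from more than max_ips distinct client IPs to
    {"ips": sorted IPs, "unexpected": sorted IPs outside EXPECTED_NETS}."""
    ips_by_session = defaultdict(set)
    for _ts, ip, sess in events:
        ips_by_session[sess].add(ip)
    return {
        sess: {
            "ips": sorted(ips),
            "unexpected": sorted(ip for ip in ips if not is_expected(ip)),
        }
        for sess, ips in ips_by_session.items()
        if len(ips) > max_ips
    }


if __name__ == "__main__":
    for sess, info in find_shared_sessions(parse_events(SAMPLE_LOGS)).items():
        print(f"session {sess} seen from {len(info['ips'])} IPs; unexpected: {info['unexpected']}")
```

A token that appears from a mix of expected and unexpected addresses, with no new login in between, is the pattern the researchers describe; a single roaming user can also trip the check, so treat hits as leads for review rather than confirmed compromise.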

In compromised environments, attackers proceeded with post-authentication reconnaissance, issuing Lightweight Directory Access Protocol (LDAP) queries and running tools like ADExplorer64.exe to map out Active Directory structures.

“Multiple instances of the ‘ADExplorer64.exe’ tool across the environment, querying domain-level groups and permissions and connecting to multiple domain controllers, were observed,” researchers added. Additionally, many of the malicious sessions originated from consumer VPN services and data center IPs, which further obscured the attackers’ identities while maintaining persistence inside networks.

Apart from applying the patches, organizations are also advised to audit external NetScaler exposure (via tools like Shodan) and implement network ACLs or access restrictions until fully patched. After successful patching, Citrix advised admins to terminate all active ICA and PCoIP sessions for an added layer of protection.
