What is the CVSS score of CVE-2025-5777?

CVE-2025-5777 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 69.8%.

Which versions of Netscaler Application Delivery Controller are affected by CVE-2025-5777?

Citrix NetScaler ADC and Gateway deployments are actively exploited for a memory disclosure vulnerability (CVE-2025-5777) that allows unauthenticated attackers to extract sensitive data including…. A patch is available.

Is there a public PoC exploit available for CVE-2025-5777?

Yes, a public proof-of-concept exploit is available for CVE-2025-5777. Prioritise patching immediately. EPSS: 69.8%.

How to fix or mitigate CVE-2025-5777?

Within 24 hours: Identify all Citrix NetScaler ADC and Gateway instances configured as VPN or AAA virtual servers and isolate or restrict network access until patching completes. Within 7 days: Apply the vendor-released patch to all affected appliances; coordinate with Citrix security advisories for the specific fixed version applicable to your deployment. Within 30 days: Rotate all credentials and encryption keys that may have been exposed during the vulnerability window, and conduct forensic review of access logs for exploitation attempts.

Netscaler Application Delivery Controller CVE-2025-5777

EUVD-2025-18497 HIGH

Out-of-bounds Read (CWE-125)

2025-06-17 secure@citrix.com

Information Disclosure Memory Corruption Citrix Netscaler Application Delivery Controller Netscaler Gateway

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 06:38 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

58.32,43.56

EUVD ID Assigned

Mar 14, 2026 - 22:15 euvd

EUVD-2025-18497

Analysis Generated

Mar 14, 2026 - 22:15 vuln.today

Added to CISA KEV

Oct 30, 2025 - 20:10 cisa

CISA KEV

PoC Detected

Oct 30, 2025 - 20:10 vuln.today

Public exploit code

CVE Published

Jun 17, 2025 - 13:15 nvd

HIGH 7.5

DescriptionNVD

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

AnalysisAI

Citrix NetScaler ADC and Gateway contain an input validation vulnerability (CVE-2025-5777, CVSS 7.5) leading to memory overread when configured as VPN or AAA virtual server. KEV-listed with EPSS 69.8% and public PoC, this vulnerability enables remote unauthenticated attackers to read sensitive data from the appliance's memory, potentially exposing session tokens, credentials, and encryption keys — similar to the Heartbleed class of memory disclosure bugs.

Technical ContextAI

The vulnerability is a Heartbleed-style memory overread in the VPN/AAA components of NetScaler. Insufficient validation of input length fields allows an attacker to read beyond buffer boundaries into adjacent memory. This memory may contain: active session tokens (enabling session hijacking), plaintext credentials from recent VPN authentications, TLS private keys (enabling MITM decryption), and other sensitive data stored in the appliance's memory.

RemediationAI

Apply Citrix security update immediately. After patching: invalidate all active VPN sessions and force re-authentication. Rotate TLS certificates and private keys (they may have been exposed). Review VPN access logs for session hijacking indicators. Audit for unauthorized internal access.

CVE-2025-5777 vulnerability details – vuln.today

Back

Netscaler Application Delivery Controller CVE-2025-5777

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code