// For flags

CVE-2025-5777

Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability

Severity Score

9.3
*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

14
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

Act
*SSVC
Descriptions

Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
High
Low
Integrity
High
Low
Availability
High
Low
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:Act
Exploitation
Active
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2025-06-06 CVE Reserved
  • 2025-06-17 CVE Published
  • 2025-06-30 First Exploit
  • 2025-07-10 Exploited in Wild
  • 2025-07-11 KEV Due Date
  • 2025-07-17 CVE Updated
  • 2025-07-17 EPSS Updated
CWE
  • CWE-125: Out-of-bounds Read
  • CWE-457: Use of Uninitialized Variable
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
NetScaler
Search vendor "NetScaler"
ADC
Search vendor "NetScaler" for product "ADC"
>= 14.1 < 43.56
Search vendor "NetScaler" for product "ADC" and version " >= 14.1 < 43.56"
en
Affected
NetScaler
Search vendor "NetScaler"
ADC
Search vendor "NetScaler" for product "ADC"
>= 13.1 < 58.32
Search vendor "NetScaler" for product "ADC" and version " >= 13.1 < 58.32"
en
Affected
NetScaler
Search vendor "NetScaler"
Gateway
Search vendor "NetScaler" for product "Gateway"
>= 14.1 < 43.56
Search vendor "NetScaler" for product "Gateway" and version " >= 14.1 < 43.56"
en
Affected
NetScaler
Search vendor "NetScaler"
Gateway
Search vendor "NetScaler" for product "Gateway"
>= 13.1 < 58.32
Search vendor "NetScaler" for product "Gateway" and version " >= 13.1 < 58.32"
en
Affected