📢 Critical CitrixBleed 2 vulnerability affecting Citrix NetScaler ADC and Gateway
📝 This article, published on Medium by @knownsec404team, analyzes the critical vulnerability...
📖 cyberveille: https://cyberveille.ch/posts/2025-07-21-vulnerabilite-critique-citrixbleed-2-affectant-citrix-netscaler-adc-et-gateway/
🌐 source: https://medium.com/@knownsec404team/root-cause-analysis-of-the-citrixbleed-2-cve-2025-5777-vulnerability-dc7278bd5ffb
#CVE_2025_5777 #CitrixBleed #Cyberveille
Critical CitrixBleed 2 vulnerability affecting Citrix NetScaler ADC and Gateway

This article, published on Medium by @knownsec404team, analyzes the critical vulnerability CVE-2025-5777, nicknamed CitrixBleed 2, which affects the Citrix NetScaler ADC and Gateway products. The vulnerability has a CVSS score of 9.3, indicating its high severity. It stems from insufficient input validation in the authentication parsing logic, allowing attackers to extract sensitive memory contents such as credentials and session tokens via specially crafted HTTP requests.

CyberVeille
Citrix Bleed 2: Critical Netscaler vulnerability has been exploited for almost a month

As early as the last week of June, presumably Chinese actors were specifically searching for vulnerable Netscaler devices. Citrix has a tip for its customers.

heise online
Perhaps the EU should only allow Tailscale-like VPNs for remote connectivity... #citrixbleed
🚨 Urgent! CitrixBleed 2 has been exploited for 2 weeks already. Patch NOW to limit the risks! 🔒 #cybersecurity #CitrixBleed
https://itinsights.nl/cybersecurity/citrix-loog-bleed-2-weken-geexploiteerd-patch-nu/
Citrix lied: Bleed exploited for 2 weeks! Patch NOW!

IT Insights: The seriousness of the situation is underscored by the fact that attackers were already actively exploiting CitrixBleed 2 before publicly available exploits existed.

IT INSIGHTS
GreyNoise observed exploitation of CitrixBleed 2 (CVE-2025-5777) nearly two weeks before a public PoC was released. Full breakdown: https://www.greynoise.io/blog/exploitation-citrixbleed-2-cve-2025-5777-before-public-poc #GreyNoise #ThreatIntel #CitrixBleed #Citrix #NetScaler
Exploitation of CitrixBleed 2 (CVE-2025-5777) Began Before PoC Was Public

GreyNoise has observed active exploitation attempts against CVE-2025-5777 (CitrixBleed 2), a memory overread vulnerability in Citrix NetScaler. Exploitation began on June 23 — nearly two weeks before a public proof-of-concept was released on July 4.

Critical #CitrixBleed 2 #vulnerability has been under active #exploit for weeks

A critical vulnerability allowing #hackers to bypass #multifactor #authentication in network management devices made by #Citrix has been actively #exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild #exploitation.
#security #privacy

https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

Exploits allow hackers to bypass 2FA and commandeer vulnerable devices.

Ars Technica

🔥 CitrixBleed 2 is live.

A pre-auth memory flaw in Citrix NetScaler leaks passwords, session tokens, and config data—no login required.

🔍 Over 200,000 exploit attempts detected.

🛡️ Secure your infrastructure now.
#CitrixBleed #VulnerabilityAlert #MemoryLeakExploit #CyberProtection #Infosec

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks https://arstechni.ca/bJJZ #vulnerabilities #citrixbleed #Security #hacking #Biz&IT #citrix

I am saddened to see how English #Wikipedia has been scrubbed of mentioning #CitrixBleed - there appears to be only one mention, and it casts doubt on the existence and exploitation of CVE-2023-4966 — https://en.wikipedia.org/wiki/NetScaler#Security_issues:_Citrix_Bleed

Now, with #CitrixBleed2, there will be a lot of people trying to brush up on the history and risks of the #vulnerability, and the world's most-used reference has almost nothing to help.

https://doublepulsar.com/citrixbleed-2-exploitation-started-mid-june-how-to-spot-it-f3106392aa71

h/t @GossiTheDog

#WP #marketing #erasure

NetScaler - Wikipedia

"CitrixBleed 2": Citrix Netscaler vulnerabilities more serious

Citrix recently warned of vulnerabilities in Netscaler ADC and Gateway. They are more serious; "CitrixBleed 2" is making the rounds.

heise online