A new security flaw in Citrix NetScaler ADC and Gateway, known as 'CitrixBleed 2,' allows attackers to steal session cookies without authentication, resembling a previous vulnerability.
The vulnerability (CVE-2025-5777) results from insufficient input validation, impacting NetScaler gateways and AAA virtual servers, potentially exposing sensitive information and allowing session token theft.
Affected versions of NetScaler ADC and Gateway must be updated to the fixed builds to mitigate the risk. Another high-severity flaw (CVE-2025-5349) in the management interface also needs attention.
Citrix advises terminating active ICA and PCoIP sessions after upgrading all NetScaler devices, since session tokens stolen before the upgrade remain usable until those sessions end; only then is the risk fully mitigated. Security researcher Kevin Beaumont identified the similarities between 'CitrixBleed 2' and the previous vulnerability, stressing the importance of addressing these security issues.
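Confirming that every appliance is actually on a fixed build is the first practical step a defender takes with an advisory like this. The following is an added example, not code from the article or from Citrix: it parses the NetScaler version format (the short form `14.1-43.56` and the `show ns version` form `NS14.1: Build 43.56.nc`) and compares build numbers numerically per release branch, because a plain string comparison gets `14.1-9.100` vs `14.1-50.10` wrong. The fixed-build table is supplied by the caller; the values used below are constructed placeholders, not the real fixed builds, which you take from the vendor advisory.

```python
import re
from typing import Dict, NamedTuple, Optional


class NsVersion(NamedTuple):
    """A NetScaler build broken into comparable integer fields."""
    major: int
    minor: int
    build: int
    sub: int

    @property
    def branch(self) -> str:
        # Fixed builds are published per release branch, e.g. "14.1" or "13.1".
        return f"{self.major}.{self.minor}"


# Matches "14.1-43.56" as well as "NetScaler NS14.1: Build 43.56.nc, Date: ...".
_VERSION_RE = re.compile(
    r"(?:NS)?(?P<major>\d+)\.(?P<minor>\d+)"  # release branch
    r"(?:-|:?\s+Build\s+)"                     # '-' in short form, ': Build ' in CLI output
    r"(?P<build>\d+)\.(?P<sub>\d+)"            # build.subbuild
)


def parse_version(text: str) -> Optional[NsVersion]:
    """Extract a NetScaler version from a version string or CLI banner."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return NsVersion(*(int(m.group(g)) for g in ("major", "minor", "build", "sub")))


def patch_status(text: str, fixed_builds: Dict[str, str]) -> str:
    """Return 'patched', 'unpatched' or 'unknown' for one appliance.

    fixed_builds maps a release branch ("14.1") to the minimum fixed build on
    that branch ("14.1-xx.yy"), taken from the vendor advisory. FIPS/NDcPP
    appliances have their own fixed builds, so keep them in a separate table.
    """
    v = parse_version(text)
    if v is None:
        return "unknown"            # unparseable: treat as not verified
    fixed = fixed_builds.get(v.branch)
    if fixed is None:
        return "unknown"            # branch not covered (e.g. end-of-life)
    f = parse_version(fixed)
    if f is None:
        raise ValueError(f"bad fixed build for branch {v.branch}: {fixed!r}")
    # Compare numerically, field by field, never as strings.
    return "patched" if (v.build, v.sub) >= (f.build, f.sub) else "unpatched"


# Constructed placeholder thresholds for demonstration only; substitute the
# fixed builds from the advisory for CVE-2025-5777 and CVE-2025-5349.
EXAMPLE_FIXED_BUILDS = {
    "14.1": "14.1-50.10",
    "13.1": "13.1-60.5",
}

if __name__ == "__main__":
    # Constructed sample inventory lines, one per appliance.
    for line in [
        "NetScaler NS14.1: Build 43.56.nc, Date: Jan 1 2025",
        "14.1-50.10",
        "14.1-9.100",
        "13.1-60.4",
        "12.1-55.1",
    ]:
        print(f"{line!r:55} -> {patch_status(line, EXAMPLE_FIXED_BUILDS)}")
```

Run it against the version strings collected from each appliance (for example the output of `show ns version`); anything reported as `unknown` needs a human look rather than being assumed safe.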