CVE-2025-5777

216.73.216.233

· Published 10/07/2025 02:00 · Modified 21/12/2025 14:34 · Author: Cybersecurity and Infrastructure Security Agency

Labels: CVE-2025-5777 2025-06-17 CVE-2025-5777 CWE-125 [email protected]

Essential information

Published: 10/07/2025 02:00
Modified: 21/12/2025 14:34
Author: Cybersecurity and Infrastructure Security Agency
Creator: Cybersecurity and Infrastructure Security Agency
CVSS: 7.5 HIGH (v3.1) 9.3 CRITICAL (v4.0)
CISA KEV: Yes
CWE: —
CVSS vector: CVSS:3.1/AV:N/C:H/I:N/A:N

CVSS metrics

Description

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
citrix / netcaler adc	`cpe:2.3:a:citrix:netcaler_adc::::::::`
citrix / netcaler gateway	`cpe:2.3:a:citrix:netcaler_gateway::::::::`
citrix / netcaler management interface	`cpe:2.3:a:citrix:netcaler_management_interface::::::::`

CVE-2025-5777

Essential information

CVSS metrics

Description

NVD status

Affected products (CPE)

References

Related entities

Attack reports (4)