Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability

Known Exploited Vulnerabilities CVE-2025-5777

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2025-5777	Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability	exploitation_technique	T1190	Exploit Public-Facing Application	Comments This memory leak vulnerability in Citrix NetScaler/ADC Gateway devices can be leveraged by sending malicious authentication requests, leaking sensitive information. References https://github.com/bughuntar/CVE-2025-5777
CVE-2025-5777	Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability	primary_impact	T1555	Credentials from Password Stores	Comments This memory leak vulnerability in Citrix NetScaler/ADC Gateway devices can be leveraged by sending malicious authentication requests, leaking sensitive information. References https://github.com/bughuntar/CVE-2025-5777