Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-5777 | Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This memory leak vulnerability in Citrix NetScaler/ADC Gateway devices can be leveraged by sending malicious authentication requests, leaking sensitive information.
References
|
| CVE-2025-5777 | Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability | primary_impact | T1555 | Credentials from Password Stores |
Comments
This memory leak vulnerability in Citrix NetScaler/ADC Gateway devices can be leveraged by sending malicious authentication requests, leaking sensitive information.
References
|