CVE-2025-5777 – Memory Over Read in NetScaler Gateway
A critical vulnerability, CVE-2025-5777, has been identified in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server. The flaw is a memory over-read caused by insufficient input validation, which can allow unauthenticated attackers to extract valid session tokens from memory. It affects multiple builds earlier than 14.1-43.56 on the 14.1 branch and earlier than 13.1-58.32 on the 13.1 branch. The IONIX research team is tracking ongoing exploitation attempts and recommends immediate patching. Potentially exposed assets are outlined in this post.
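Because the flaw only matters on appliances that are both on an unpatched build and configured in one of the Gateway or AAA roles named above, a quick inventory triage needs two checks: parse the build number against the fixed builds, then intersect with the configured roles. The following Python helper is an added example written for this page, not IONIX's or Citrix's code. It assumes only the two fixed builds the advisory states (14.1-43.56 and 13.1-58.32) and reports any other release branch as "unknown" rather than guessing; the `NS14.1: Build 43.56.nc` input shape is an assumed rendering of `show ns version` output, and the hostnames and versions in the sample inventory are constructed.

```python
"""Triage helper for CVE-2025-5777 exposure (added example, not vendor or IONIX code).

Assumes the two fixed builds stated in the advisory and treats every other
release branch as "unknown" instead of guessing its status.
"""
import re
from dataclasses import dataclass

# Fixed builds named in the advisory; a build at or above these is patched.
FIXED_BUILDS = {
    "14.1": (43, 56),
    "13.1": (58, 32),
}

# Roles the advisory lists as exposing the flaw (Gateway modes and AAA vserver).
EXPOSED_ROLES = {"vpn", "ica-proxy", "cvpn", "rdp-proxy", "aaa"}

# Accepts "14.1-43.56" as well as the "NS14.1: Build 43.56.nc" shape. The second
# form is an assumed rendering of `show ns version`; adjust if yours differs.
_VERSION_RE = re.compile(
    r"(?:NS)?(?P<branch>\d+\.\d+)[-:\s]+(?:Build\s+)?(?P<build>\d+)\.(?P<sub>\d+)",
    re.IGNORECASE,
)


def parse_version(text):
    """Return (branch, (build, sub)) from a NetScaler version string."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised NetScaler version string: {text!r}")
    return m.group("branch"), (int(m.group("build")), int(m.group("sub")))


def build_status(text):
    """'patched', 'vulnerable', or 'unknown' for branches the advisory does not cover."""
    branch, build = parse_version(text)
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return "unknown"
    # Tuple comparison orders (build, sub) numerically, so 43.56 > 43.9 is handled.
    return "patched" if build >= fixed else "vulnerable"


@dataclass
class Appliance:
    name: str
    version: str
    roles: set


def triage(appliances):
    """Return (name, build status, exposed) per appliance.

    An appliance is flagged exposed only when its build is vulnerable AND it runs
    at least one of the roles the advisory names.
    """
    results = []
    for a in appliances:
        status = build_status(a.version)
        exposed = status == "vulnerable" and bool(a.roles & EXPOSED_ROLES)
        results.append((a.name, status, exposed))
    return results


# Constructed sample inventory: hostnames, versions and roles are made up.
SAMPLE = [
    Appliance("gw-01", "14.1-43.50", {"vpn"}),
    Appliance("gw-02", "NS14.1: Build 43.56.nc", {"vpn", "ica-proxy"}),
    Appliance("lb-01", "13.1-58.31", {"lb"}),
    Appliance("aaa-01", "13.1-58.32", {"aaa"}),
    Appliance("legacy-01", "13.0-99.99", {"vpn"}),
]

if __name__ == "__main__":
    for name, status, exposed in triage(SAMPLE):
        print(f"{name:10} {status:11} {'PATCH NOW' if exposed else ''}")
```

An "unknown" result is deliberately not treated as safe: a branch the advisory does not list still needs to be checked against the vendor bulletin, and a load balancer with no Gateway or AAA role is reported as unpatched but not exposed so it can be scheduled rather than escalated.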
References: