
CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable

The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek.

At least 100 organizations have been hacked via the exploitation of CitrixBleed 2, a critical NetScaler vulnerability patched in mid-June, and thousands of instances remain vulnerable.

Tracked as CVE-2025-5777 (CVSS score of 9.3), the flaw is described as an insufficient input validation issue that could allow attackers to read out-of-bounds memory.

Security researchers demonstrated that the bug can be exploited to retrieve session tokens from vulnerable NetScaler instances, allowing attackers to hijack sessions and bypass MFA. CISA has since added the CVE to its KEV catalog, urging federal agencies to patch it immediately.

In-the-wild exploitation of the flaw, however, began long before PoC code was shared publicly, according to fresh reports from security researcher Kevin Beaumont and threat intelligence firm GreyNoise.

The security researcher, who warned of the risks associated with CVE-2025-5777 shortly after Citrix released patches on June 17, and who named the bug CitrixBleed 2, says exploitation started June 20, in line with a previous ReliaQuest report.

GreyNoise places the first attacks targeting the vulnerability within the same timeframe, saying it first observed activity on June 24.

On June 26, Citrix published a blog post disputing the exploitation reports, and only updated it on July 11, after CISA included the security defect in KEV.

The updated post reiterates that only NetScaler ADC and NetScaler Gateway deployments configured as a gateway or as an AAA virtual server are vulnerable. It urges customers to patch as soon as possible and notes that all active sessions should be killed after upgrading, and that none should be exported.

According to Beaumont, all session cookies should also be cleared after applying the patch, as the vulnerability leaks them.

“It appears Citrix has messed up and not told people to clear all session types for CitrixBleed 2… which directly leaves customers who applied patches still at risk of session hijacking,” Beaumont notes.

The observed attacks, the researcher says, hit entities across the education, financial services, government, legal, technology, and telecommunications sectors, and claimed over 100 victims.

The attackers were seen carefully profiling victims, and then proceeding to collect data from user Citrix sessions and to establish persistence using legitimate MSP admin tools. At least one ransomware group has been exploiting the flaw for initial access.

By July 11, Imperva had seen close to 12 million attacks targeting CVE-2025-5777, which shows that “the activity is clearly spray and pray,” Beaumont notes.

GreyNoise says at least 26 malicious IPs have been used to conduct exploitation attempts over the past three weeks, most of them from China, Russia, South Korea, and the US.

“Early exploitation attempts came from malicious IPs geolocated in China. Rather than exploiting indiscriminately, these IPs targeted GreyNoise sensors configured to emulate Citrix NetScaler appliances, suggesting deliberate targeting,” GreyNoise notes.

As of July 17, close to 4,700 NetScaler instances have not been patched against CitrixBleed 2, data from The Shadowserver Foundation shows.

Citrix customers are advised to update to NetScaler ADC versions 14.1-43.56 and 13.1-58.32, 13.1-FIPS and 13.1-NDcPP version 13.1-37.235, and 12.1-FIPS version 12.1-55.328, and to NetScaler Gateway versions 14.1-43.56 and 13.1-58.32. In addition, they should kill all sessions and clear session cookies to fully mitigate the risks associated with this vulnerability.
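As an added example (not from the article or from Citrix), the following Python checks an appliance inventory against the fixed builds listed above, so that unpatched instances can be prioritised. The hostnames and the 'fips'/'ndcpp' variant labels are constructed for illustration, and a 'patched' result still leaves the session-kill and cookie-clearing steps above to be done.

```python
import re

# First fixed builds for CVE-2025-5777 as listed in the article, keyed by
# (product, release branch, variant). 'std' is the ordinary build; 'fips' and
# 'ndcpp' are labels constructed here for the FIPS and NDcPP builds.
FIXED_BUILDS = {
    ("adc", "14.1", "std"): (43, 56),
    ("adc", "13.1", "std"): (58, 32),
    ("adc", "13.1", "fips"): (37, 235),
    ("adc", "13.1", "ndcpp"): (37, 235),
    ("adc", "12.1", "fips"): (55, 328),
    ("gateway", "14.1", "std"): (43, 56),
    ("gateway", "13.1", "std"): (58, 32),
}

BUILD_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")

def parse_build(build):
    """Split a build string such as '14.1-43.56' into ('14.1', (43, 56))."""
    m = BUILD_RE.match(build.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler build string: {build!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))

def assess(product, build, variant="std"):
    """Return 'patched', 'vulnerable' or 'unknown-branch' for one appliance."""
    # Builds compare numerically as (build, sub-build) tuples, so a build
    # such as 14.1-43.100 correctly ranks above 14.1-43.56.
    branch, number = parse_build(build)
    fixed = FIXED_BUILDS.get((product, branch, variant))
    if fixed is None:
        # Not in the fixed-build list: flag for manual review, never assume safe.
        return "unknown-branch"
    return "patched" if number >= fixed else "vulnerable"

# Constructed inventory: (hostname, product, build, variant).
INVENTORY = [
    ("gw-1.example.test", "gateway", "14.1-43.56", "std"),
    ("gw-2.example.test", "gateway", "14.1-43.50", "std"),
    ("adc-fips.example.test", "adc", "13.1-37.235", "fips"),
    ("adc-3.example.test", "adc", "13.1-58.31", "std"),
]

def triage(inventory):
    """Map each host to its status so unpatched appliances can be prioritised."""
    return {host: assess(product, build, variant)
            for host, product, build, variant in inventory}
```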
