Stormshield warns of Citrix NetScaler vulnerability

Stormshield Customer Security Lab has explained how to deal with a critical vulnerability in Citrix NetScaler enterprise software.

Accordingly, the weakness, reference CVE-2025-5777, scored 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS) 3.1.

“The vulnerability CVE-2025-5777 allows an unauthenticated attacker to retrieve a fragment of the server’s memory,” the Stormshield team said.

“A memory fragment is leaked by the server. The attacker can resend as many requests as he or she wants and therefore retrieve large amounts of data.”

Stormshield said multiple versions of NetScaler software could be affected. They include:

  • NetScaler ADC and NetScaler Gateway 14.1-43.56 and later releases;
  • NetScaler ADC and NetScaler Gateway 13.1-58.32 and later releases of 13.1;
  • NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.235 and later releases of 13.1-FIPS and 13.1-NDcPP; and
  • NetScaler ADC 12.1-FIPS 12.1-55.328 and later releases of 12.1-FIPS.

However, Stormshield added that the vulnerability stems from a missing check for an empty parameter in an HTTP request.

“The appliance is vulnerable only if it is configured on Gateway mode (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server,” the team said.

Critical vulnerability defences for endpoints and more

Solutions such as Stormshield Network Security (SNS) firewalling could defend organisations, they said.

With the appropriate IPS signature, exploit attempts against CVE-2025-5777 could be detected and blocked once the traffic has been decrypted for inspection.
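As an added illustration of the detection idea (not Stormshield's signature or any NetScaler code), the following script scans decrypted request logs for POSTs to a login endpoint that carry the watched parameter with no value, and flags clients that repeat such requests, matching the "resend as many requests as he or she wants" pattern described above. The endpoint path, parameter name and log lines are constructed placeholders, not the real NetScaler values.

```python
from collections import Counter
from urllib.parse import parse_qsl

# Placeholders (assumptions, not taken from the article or from NetScaler):
LOGIN_PATH = "/example/login"   # hypothetical gateway login endpoint
WATCHED_PARAM = "login"         # hypothetical parameter left unchecked when empty

# Constructed sample of decrypted request logs: client_ip, method, path, body
LOG_LINES = [
    "203.0.113.7\tPOST\t/example/login\tlogin=alice&passwd=secret",
    "198.51.100.9\tPOST\t/example/login\tlogin",
    "198.51.100.9\tPOST\t/example/login\tlogin",
    "198.51.100.9\tPOST\t/example/login\tlogin=",
    "192.0.2.5\tPOST\t/example/login\tlogin=",
    "192.0.2.5\tPOST\t/example/other\tlogin",
    "192.0.2.5\tGET\t/example/login\t",
]

def parse_line(line: str):
    """Split one tab-separated log line into (ip, method, path, body)."""
    ip, method, path, body = line.split("\t", 3)
    return ip, method, path, body

def suspicious_request(method: str, path: str, body: str) -> bool:
    """True for a POST to the login path whose watched parameter has no value.

    keep_blank_values=True makes both 'login' (no '=') and 'login=' parse as
    ('login', ''), so either empty form is caught.
    """
    if method != "POST" or path != LOGIN_PATH:
        return False
    fields = parse_qsl(body, keep_blank_values=True)
    return any(name == WATCHED_PARAM and value == "" for name, value in fields)

def find_repeat_offenders(lines, threshold: int = 3) -> dict:
    """Return {client_ip: count} for clients sending >= threshold suspicious requests."""
    counts = Counter()
    for line in lines:
        ip, method, path, body = parse_line(line)
        if suspicious_request(method, path, body):
            counts[ip] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print(find_repeat_offenders(LOG_LINES))  # {'198.51.100.9': 3}
```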

You could also update the NetScaler server. Stormshield recommends several versions, including NetScaler ADC and NetScaler Gateway 14.1-43.56, and steps to take.

Stormshield is headquartered in France, offering sovereign European offerings for endpoint security, network security and data security.

According to the vendor, its offerings meet standards for many public sector deployments, including military or defence. In addition, Stormshield is designed for IT/OT implementations to defend public infrastructure such as utilities.

Also, Stormshield works to inform partners and customers about global cyber-threats. Security services include IP reputation database search and vulnerability management.
