CVE-2025-5777 - Vulnerability Details - OpenCVE

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact Low

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

No data.

No data.

No data.

References

Link	Providers
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420

History

Tue, 24 Jun 2025 01:15:00 +0000

Type	Values Removed	Values Added
Description	Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway	Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Tue, 17 Jun 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 17 Jun 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway
Title		NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
Weaknesses		CWE-125
References		https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'}`

MITRE

Status: PUBLISHED

Assigner: Citrix

Published: 2025-06-17T12:29:34.506Z

Updated: 2025-06-26T03:55:14.617Z

Reserved: 2025-06-06T06:14:02.358Z

Link: CVE-2025-5777

Vulnrichment

Updated: 2025-06-17T13:57:47.854Z

NVD

Status : Awaiting Analysis

Published: 2025-06-17T13:15:21.523

Modified: 2025-06-24T01:15:25.177

Link: CVE-2025-5777

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5777", "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", "state": "PUBLISHED", "assignerShortName": "Citrix", "dateReserved": "2025-06-06T06:14:02.358Z", "datePublished": "2025-06-17T12:29:34.506Z", "dateUpdated": "2025-06-26T03:55:14.617Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ADC", "vendor": "NetScaler", "versions": [{"lessThan": "43.56", "status": "affected", "version": "14.1", "versionType": "patch"}, {"lessThan": "58.32", "status": "affected", "version": "13.1", "versionType": "patch"}]}, {"defaultStatus": "unaffected", "product": "Gateway", "vendor": "NetScaler", "versions": [{"lessThan": "43.56", "status": "affected", "version": "14.1", "versionType": "patch"}, {"lessThan": "58.32", "status": "affected", "version": "13.1", "versionType": "patch"}]}], "datePublic": "2025-06-17T12:25:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\"><span style=\"background-color: rgb(255, 255, 255);\">Insufficient input validation leading to memory overread when the</span> </span><span style=\"background-color: rgb(255, 255, 255);\">NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server</span>"}], "value": "Insufficient input validation leading to memory overread when the\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server"}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", "shortName": "Citrix", "dateUpdated": "2025-06-24T00:57:12.458Z"}, "references": [{"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420"}], "source": {"discovery": "UNKNOWN"}, "title": "NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-17T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-5777"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-26T03:55:14.617Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5777", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-17T13:56:45.935140Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:57:47.854Z"}}], "cna": {"title": "NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NetScaler", "product": "ADC", "versions": [{"status": "affected", "version": "14.1", "lessThan": "43.56", "versionType": "patch"}, {"status": "affected", "version": "13.1", "lessThan": "58.32", "versionType": "patch"}], "defaultStatus": "unaffected"}, {"vendor": "NetScaler", "product": "Gateway", "versions": [{"status": "affected", "version": "14.1", "lessThan": "43.56", "versionType": "patch"}, {"status": "affected", "version": "13.1", "lessThan": "58.32", "versionType": "patch"}], "defaultStatus": "unaffected"}], "datePublic": "2025-06-17T12:25:00.000Z", "references": [{"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Insufficient input validation leading to memory overread when the\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\"><span style=\"background-color: rgb(255, 255, 255);\">Insufficient input validation leading to memory overread when the</span> </span><span style=\"background-color: rgb(255, 255, 255);\">NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", "shortName": "Citrix", "dateUpdated": "2025-06-24T00:57:12.458Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5777", "state": "PUBLISHED", "dateUpdated": "2025-06-26T03:55:14.617Z", "dateReserved": "2025-06-06T06:14:02.358Z", "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", "datePublished": "2025-06-17T12:29:34.506Z", "assignerShortName": "Citrix"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficient input validation leading to memory overread when the\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server"}, {"lang": "es", "value": "Validaci\u00f3n de entrada insuficiente que provoca una sobrelectura de memoria en la interfaz de administraci\u00f3n de NetScaler, NetScaler ADC y NetScaler Gateway"}], "id": "CVE-2025-5777", "lastModified": "2025-06-24T01:15:25.177", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "secure@citrix.com", "type": "Secondary"}]}, "published": "2025-06-17T13:15:21.523", "references": [{"source": "secure@citrix.com", "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420"}], "sourceIdentifier": "secure@citrix.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "secure@citrix.com", "type": "Secondary"}]}