
Hackers are exploiting a brand new vulnerability affecting a number of NetScaler products used by companies to manage network traffic.
Citrix published an advisory on Wednesday about CVE-2025-6543, a vulnerability carrying a severity rating of 9.2 out of 10 that impacts its NetScaler ADC and NetScaler Gateway appliances. The company said exploits of the vulnerability “on unmitigated appliances have been observed.”
Citrix urged customers to install updated versions of the software.
The advisory follows concerns about two other NetScaler vulnerabilities, tagged as CVE-2025-5349 and CVE-2025-5777. In its advisory last week, Citrix did not say whether the bugs had already been exploited.
Researchers have speculated that the three bugs are likely related, but Citrix did not respond to requests for comment.
Experts compared last week’s vulnerabilities to Citrix Bleed — a widely exploited bug in 2023 that was used by ransomware gangs and nation-states to attack dozens of government organizations and major companies including Boeing and Toyota.
Cybersecurity expert Kevin Beaumont, who dubbed the recent bugs “Citrix Bleed 2,” warned that thousands of NetScaler installations are exposed to the internet. CVE-2025-5349 and CVE-2025-5777 allow threat actors to read sensitive data that could be used to bypass multifactor authentication, he added.
The U.K.’s National Health Service released its own notice comparing the first two published vulnerabilities to Citrix Bleed, reiterating that the 2023 bug was heavily exploited by ransomware gangs.
CVE-2025-5777 could expose “sensitive information such as session tokens,” the NHS said.
“Attackers could use these tokens to hijack existing sessions, allowing access into the network, bypassing authentication controls such as multi-factor authentication (MFA),” they added.
The original Citrix Bleed bug caused alarm among defenders because of how many hospitals and critical infrastructure organizations use NetScaler ADC and NetScaler Gateway.
The U.S. Cybersecurity and Infrastructure Security Agency warned more than 300 organizations in 2023 of their exposure to Citrix Bleed.