CVE-2025-5777

Summary

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Affected Software

VendorProductVersion RangeStatus
NetScalerADC14.1 < 43.56affected
NetScalerADC13.1 < 58.32affected
NetScalerGateway14.1 < 43.56affected
NetScalerGateway13.1 < 58.32affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

CVE Program Container

Additional References

References