- CitrixBleed 2 was detected at the end of June 2025
- Yet most instances have not been patched
- Security researchers are warning that the bug is possibly already being exploited
Several researchers have warned that CitrixBleed 2, a vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway, is now being actively exploited in the wild.
Security researchers recently found a vulnerability of significant severity in these instances, which can allow threat actors to hijack user sessions and access the target environment.
The bug, described as an insufficient input validation vulnerability leading to memory overread, is tracked as CVE-2025-5777 and affects device versions 14.1 before 47.46 and 13.1 before 59.19. Security researchers named it CitrixBleed 2 for its resemblance to the earlier CitrixBleed vulnerability.
(No) evidence of abuse
A patch was made available soon after, but apparently most instances have not yet been patched, and threat actors are taking advantage of that fact. Several security researchers, including ReliaQuest, watchTowr, and Horizon3.ai, have warned users of ongoing exploitation campaigns.
The Register notes that watchTowr Labs found “the main part of the Citrix NetScaler user base” had not patched against CitrixBleed 2, stressing that it needs to do so because the bug is “modest” to exploit.
“Earlier, we said we had no intention of releasing this vulnerability analysis,” the researchers said. However, “minimal” information sharing about the bug “puts these users in a tough position when they decide whether they need to raise internal alarms.”
Soon afterwards, Horizon3.ai said the bug is, by now, likely to be included in threat actors' toolkits.
At the same time, Citrix is giving mixed signals as to whether the bug is really being exploited in the wild. The company is redirecting all media inquiries to a blog post discussing the matter, which says, “Currently, there is no evidence to suggest the exploitation of CVE-2025-5777.”
However, in the FAQ section of the same blog post, it also says that “the immediate installation of the recommended updates is very important due to the identified severity of this vulnerability and the evidence of active exploitation.” Whether this answer relates to CitrixBleed 2 or to a different vulnerability is left somewhat unclear.
Finally, elsewhere in the FAQ, it says, “We are currently unaware of any evidence of the exploitation of CVE-2025-5349 or CVE-2025-5777.”
We would advise everyone to be on the safe side, especially since CitrixBleed is being abused in high-end attacks by nation-states.


