
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777

38:12
Manage episode 489747603 series 3645080

Two newly disclosed critical vulnerabilities—CVE-2025-5349 and CVE-2025-5777—have put Citrix NetScaler ADC and Gateway deployments at serious risk, exposing enterprise environments to potential data breaches and service disruptions. These flaws underscore the persistent challenges facing infrastructure teams, especially when balancing security patching with service availability.

We dive deep into:
🔍 The technical mechanisms behind the NetScaler vulnerabilities and why they’re considered high risk
⚙️ The real-world difficulties of patching Citrix environments, including long installation times, session disruption concerns, and HA strategy failures
🛠️ Staged patching techniques, including gold image refresh for MCS, traffic redirection using VIP isolation, and Citrix’s official upgrade flow
🔒 A breakdown of the AAA (Authentication, Authorization, Accounting) model and its relevance for secure VPN access
🧠 Broader lessons from CWE-125 (Out-of-Bounds Read) and how SAST, SCA, and code reviews help developers catch software vulnerabilities before they reach production

This episode ties together software security principles with enterprise infrastructure reality, highlighting how missteps in either domain can leave organizations exposed. Whether you're managing Citrix infrastructure or building secure software, this conversation bridges the gap between theory and practice.
