Mar 24, 2026 · 5 min read
A critical memory-disclosure vulnerability (out-of-bounds read, CWE-125) in Citrix NetScaler's SAML IDP implementation allows unauthenticated attackers to read sensitive memory contents via crafted SAML requests. Immediate patching is required for affected customer-managed appliances.
CVE-2026-3055 is a critical out-of-bounds read vulnerability affecting customer-managed instances of Citrix NetScaler ADC and NetScaler Gateway. It allows unauthenticated remote attackers to read sensitive data from appliance memory when configured as a SAML Identity Provider.
CVE-2026-3055 is a critical security vulnerability affecting customer-managed deployments of Citrix NetScaler ADC and NetScaler Gateway. The flaw is classified as an out-of-bounds read (CWE-125) within the appliance's memory management subsystem. Successful exploitation allows an unauthenticated remote attacker to extract sensitive information directly from the device's volatile memory.
The vulnerability is isolated to a specific component of the NetScaler architecture. It only manifests when the appliance is configured to act as a Security Assertion Markup Language Identity Provider (SAML IDP). Appliances operating in default configurations or utilizing different authentication mechanisms remain unaffected by this specific flaw.
Industry analysts frequently compare this vulnerability to the CVE-2023-4966 flaw, widely known as Citrix Bleed. Both vulnerabilities share similar characteristics regarding memory over-read mechanics and the subsequent exposure of high-value authentication artifacts. The core risk involves the silent theft of session tokens, which facilitates unauthorized access to internal network resources.
The vulnerability originates from insufficient input validation within the SAML request processing pipeline. When a NetScaler appliance functions as a SAML IDP, it parses incoming HTTP requests containing SAML XML structures. The software fails to adequately verify the boundaries of specific fields or attributes before performing memory read operations on them.
An out-of-bounds read occurs when the processing logic calculates a memory address or read length based on attacker-controlled input. The vulnerable function trusts the structural parameters provided in the SAML request without validating them against the actual size of the allocated memory buffer. This logic error causes the parser to read past the intended boundary of the XML payload.
Network appliances utilize dynamic memory allocation to manage thousands of concurrent sessions. Heap memory regions store incoming request buffers directly adjacent to buffers containing active session data, cryptographic keys, and user credentials. By reading beyond the allocated boundary, the SAML parser inadvertently captures these adjacent memory structures and includes them in the processing sequence.
The system subsequently returns this improperly captured memory to the requester. The lack of proper bounds checking combined with the dense memory layout of high-throughput network appliances creates a highly reliable mechanism for data exfiltration. The flaw exists entirely within the native code responsible for SAML payload deserialization.
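The pattern described above, as an added simplified model (not NetScaler code, and not real SAML parsing): a length-prefixed attribute parser that trusts the declared length beside one that checks it against the request buffer's true end. The heap image, the adjacent session token and the field layout are all constructed for illustration.

```python
# Added illustration of the CWE-125 pattern described above. Not NetScaler
# code: a constructed, length-prefixed attribute stands in for a SAML field.
# Constructed "heap" layout: the request buffer is immediately followed by a
# buffer holding another user's session token, as the text describes.
SESSION_TOKEN = b"NSC_AAAC=deadbeefcafef00d"   # constructed adjacent data
REQUEST = b"\x05" + b"alice"                     # declared length 5, value "alice"
HEAP = bytearray(REQUEST + SESSION_TOKEN)
REQ_END = len(REQUEST)                           # true end of the request buffer


def parse_attr_vulnerable(heap: bytes, start: int) -> bytes:
    """Trusts the attacker-supplied length byte; never consults REQ_END."""
    declared_len = heap[start]
    # The slice may run past the request buffer into adjacent memory.
    return bytes(heap[start + 1:start + 1 + declared_len])


def parse_attr_fixed(heap: bytes, start: int, buf_end: int) -> bytes:
    """Validates the declared length against what the buffer actually holds."""
    declared_len = heap[start]
    available = buf_end - (start + 1)
    if declared_len > available:
        raise ValueError(f"declared length {declared_len} exceeds buffer ({available})")
    return bytes(heap[start + 1:start + 1 + declared_len])


def heap_with_declared_len(declared_len: int) -> bytearray:
    """Constructed heap image whose request claims more bytes than it holds."""
    return bytearray(bytes([declared_len]) + b"alice" + SESSION_TOKEN)


def fixed_parser_rejects(heap: bytes, buf_end: int) -> bool:
    """True if the bounds-checked parser refuses the request."""
    try:
        parse_attr_fixed(heap, 0, buf_end)
    except ValueError:
        return True
    return False
```

With a well-formed request both parsers return the same field; with an inflated length byte the vulnerable parser returns the adjacent token while the fixed one refuses the request, which is the check the text says was missing.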
Exploitation requires the attacker to transmit a specifically crafted SAML request to the public-facing NetScaler SAML IDP endpoint. The attacker does not need prior authentication, valid credentials, or any existing session state on the target device. The attack vector is entirely network-based and relies on the appliance processing the initial unauthenticated request.
The malicious payload exploits the parsing logic by providing anomalous length indicators or malformed XML attributes. When the NetScaler service processes the request, the flawed logic triggers the out-of-bounds read. The service processes the request and formulates an HTTP response that includes the improperly accessed memory contents.
The attacker receives an HTTP response containing a direct dump of the target's memory. This memory segment typically contains active session cookies, NetScaler Gateway authentication tokens, and potentially plaintext credentials. The exploit process requires low technical complexity and generates minimal log artifacts, complicating detection efforts.
The CVSS v4.0 base score of 9.3 reflects the severe and immediate danger posed by this vulnerability. The attack vector is network-based, requires no privileges, and necessitates no user interaction. The High ratings for Vulnerable System Confidentiality, Integrity, and Availability (VC/VI/VA) reflect the comprehensive impact on the affected appliance.
The primary impact is the complete compromise of device confidentiality. By extracting active session tokens, attackers bypass primary authentication controls, including multifactor authentication (MFA) requirements. Attackers can inject these stolen tokens into their own browser sessions to impersonate legitimate users and administrators.
Administrative session hijacking leads to secondary impacts on system integrity and availability. An attacker possessing an administrative token can modify appliance configurations, alter routing rules, or disable critical security services. The access granted by these stolen tokens frequently provides a direct foothold into the broader internal network.
Organizations must apply the vendor-supplied firmware updates immediately to remediate the vulnerability. Citrix released patched versions for active development tracks, including version 14.1-66.59 and version 13.1-62.23. Organizations operating under FIPS or NDcPP requirements must upgrade to version 13.1-37.262 or later.
Administrators must first verify whether their appliance exposes the vulnerable SAML IDP functionality. This verification requires checking the appliance configuration for the presence of a SAML IDP profile. Administrators can execute the following command via the NetScaler CLI to determine exposure:

```
# Check for SAML IDP Profile configuration
show authentication samlIdPProfile
```

Alternatively, administrators can parse the ns.conf configuration file for the string `add authentication samlIdPProfile`. If the command returns no results or the string is absent, the appliance is not actively vulnerable to this specific attack vector. However, proactive patching remains the recommended security posture.
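The exposure check above combined with the fixed builds the advisory lists, as an added example script (not Citrix tooling): it reads an ns.conf copy for the SAML IDP profile string and compares a firmware version against the fixed build for its track. It assumes versions are written in the page's `14.1-66.59` form; the ns.conf fragment is constructed.

```python
# Added example, not Citrix tooling: assess CVE-2026-3055 exposure from the
# two facts the advisory gives (SAML IDP profile present, build below the fix).
import re

# Fixed builds from the advisory table, keyed by release track. The
# FIPS/NDcPP build of 13.1 is tracked separately because it is versioned
# on its own 37.x line.
FIXED_BUILDS = {
    "14.1": (66, 59),
    "13.1": (62, 23),
    "13.1-FIPS": (37, 262),
}

# Assumed version format, matching the advisory's "14.1-66.59" notation.
_VER_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def parse_version(ver: str) -> tuple[str, tuple[int, int]]:
    """Split '14.1-66.59' into ('14.1', (66, 59))."""
    m = _VER_RE.match(ver.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {ver!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def needs_patch(ver: str, fips: bool = False) -> bool:
    """True if the build is older than the fixed build for its track."""
    track, build = parse_version(ver)
    key = f"{track}-FIPS" if fips else track
    if key not in FIXED_BUILDS:
        raise ValueError(f"no fixed build listed for track {key}")
    return build < FIXED_BUILDS[key]


def saml_idp_configured(ns_conf: str) -> bool:
    """True if ns.conf defines a SAML IDP profile (the string the text cites)."""
    return any(line.strip().startswith("add authentication samlIdPProfile")
               for line in ns_conf.splitlines())


def assess(ver: str, ns_conf: str, fips: bool = False) -> str:
    """'patched', 'exposed' (unpatched + SAML IDP), or 'unpatched-not-exposed'."""
    if not needs_patch(ver, fips):
        return "patched"
    return "exposed" if saml_idp_configured(ns_conf) else "unpatched-not-exposed"


# Constructed ns.conf fragment for illustration (profile parameters omitted).
SAMPLE_CONF = "add authentication samlIdPProfile saml_idp_corp\n" \
              "add authentication ldapAction ldap_corp\n"
```

An appliance reported as `unpatched-not-exposed` still warrants the upgrade, as the text notes; the script only distinguishes where the SAML IDP attack vector is reachable today.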
Post-patching procedures require a complete appliance reboot to ensure all volatile memory buffers clear entirely. Administrators must also force a rotation of all active sessions and monitor authentication logs for anomalous access patterns utilizing previously issued tokens. Cloud-managed NetScaler instances are inherently unaffected and require no customer intervention.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

| Product | Affected Versions | Fixed Version |
|---|---|---|
| Citrix NetScaler ADC & Gateway | < 14.1-66.59 | 14.1-66.59 |
| Citrix NetScaler ADC & Gateway | < 13.1-62.23 | 13.1-62.23 |
| Citrix NetScaler ADC (FIPS/NDcPP) | < 13.1-37.262 | 13.1-37.262 |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-125 |
| Attack Vector | Network |
| CVSS v4.0 Score | 9.3 |
| EPSS Score | 0.00023 |
| Impact | Information Disclosure / Session Hijacking |
| Exploit Status | POC-Expected / Active-Imminent |
| KEV Status | Not Listed |
CWE-125 (Out-of-bounds Read): the software reads data past the end, or before the beginning, of the intended buffer, allowing attackers to read sensitive information from other memory locations.