Security News > 2023 > May > Barracuda Email Security Gateways bitten by data thieves
A critical remote command injection vulnerability in some Barracuda Network devices that the vendor patched 11 days ago has been exploited by miscreants - for at least the past seven months.
Barracuda said it discovered the bug, tracked as CVE-2023-2868, in its Email Security Gateway appliance on May 19 and pushed a patch to all of these products globally the following day.
In a security alert posted on Tuesday the vendor disclosed that the vulnerability was under active exploit long before the patch arrived.
No other Barracuda products are affected, according to the security vendor.
Soon after spotting abnormal traffic originating from its email security products, Barracuda called in Mandiant to help with an investigation.
The day after it issued a patch, on May 21, Barracuda deployed a script to the compromised ESG appliances "To contain the incident and counter unauthorized access methods," it said.
News URL
Related news
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-24 | CVE-2023-2868 | Command Injection vulnerability in Barracuda products A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. | 9.8 |