Security News > 2023 > May > Barracuda Email Security Gateways bitten by data thieves

Barracuda Email Security Gateways bitten by data thieves
2023-05-31 18:15

A critical remote command injection vulnerability in some Barracuda Network devices that the vendor patched 11 days ago has been exploited by miscreants - for at least the past seven months.

Barracuda said it discovered the bug, tracked as CVE-2023-2868, in its Email Security Gateway appliance on May 19 and pushed a patch to all of these products globally the following day.

In a security alert posted on Tuesday the vendor disclosed that the vulnerability was under active exploit long before the patch arrived.

No other Barracuda products are affected, according to the security vendor.

Soon after spotting abnormal traffic originating from its email security products, Barracuda called in Mandiant to help with an investigation.

The day after it issued a patch, on May 21, Barracuda deployed a script to the compromised ESG appliances "To contain the incident and counter unauthorized access methods," it said.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/05/31/datastealing_email_attack_bites_barracuda/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-05-24 CVE-2023-2868 Command Injection vulnerability in Barracuda products
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006.
network
low complexity
barracuda CWE-77
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Barracuda 19 0 2 4 5 11