Security News > 2023 > June > Barracuda says hacked ESG appliances must be replaced immediately

Barracuda says hacked ESG appliances must be replaced immediately
2023-06-07 20:57

Email and network security company Barracuda warns customers they must replace Email Security Gateway appliances hacked in attacks targeting a now-patched zero-day vulnerability.

"Impacted ESG appliances must be immediately replaced regardless of patch version level," the company warned in an update to the initial advisory issued on Tuesday.

The warning comes after the critical Barracuda ESG remote command injection flaw tracked as CVE-2023-2868 was patched remotely on May 20, and the attackers' access to the compromised appliances was cut off one day later by deploying a dedicated script.

On May 24, Barracuda warned customers that their ESG appliances might have been breached via the CVE-2023-2868 bug and advised them to investigate their environments for signs of intrusion.

A Barracuda spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today for additional details on why a full ESG replacement is required.

The Barracuda ESG bug was exploited as a zero-day for at least seven months to backdoor customers' ESG appliances with custom malware and steal data, as the company revealed one week ago.


News URL

https://www.bleepingcomputer.com/news/security/barracuda-says-hacked-esg-appliances-must-be-replaced-immediately/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-05-24 CVE-2023-2868 Command Injection vulnerability in Barracuda products
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006.
network
low complexity
barracuda CWE-77
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Barracuda 19 0 2 4 5 11