Security News > 2023 > June > Barracuda tells its ESG owners to 'immediately' junk buggy kit

Barracuda has now told customers to "Immediately" replace infected Email Security Gateway appliances - even if they have received a patch to fix a critical bug under exploit.

Barracuda pushed a patch to all affected products the day after discovering the issue, but that wasn't quick enough.

Impacted ESG appliances must be immediately replaced regardless of patch version level.

Barracuda's remediation recommendation at this time is full replacement of the impacted ESG. Barracuda did not immediately respond to The Register's questions about why customers need to replace patched appliances, and who is responsible for the intrusions.

Rapid7 estimates there to be about 11,000 Barracuda ESG appliances on the internet, based on the Barracuda Networks Spam Firewall SMTP daemon.

The US Cybersecurity and Infrastructure Security Agency added the Barracuda bug to its Known Exploited Vulnerabilities Catalog late last month.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/08/barracuda_immediately_replace_esg/