Security News > 2023 > December > Barracuda fixes new ESG zero-day exploited by Chinese hackers

Network and email security firm Barracuda says it remotely patched all active Email Security Gateway appliances on December 21 against a zero-day bug exploited by UNC4841 Chinese hackers.
The company deployed a second wave of security updates a day later on already compromised ESG appliances where the attackers deployed SeaSpy and Saltwater malware.
Disclosed on Christmas Eve and tracked as CVE-2023-7102, the zero-day is due to a weakness in the Spreadsheet::ParseExcel third-party library used by the Amavis virus scanner running on Barracuda ESG appliances.
In May, the same hacker group used another zero-day to target Barracuda ESG appliances as part of a cyber-espionage campaign.
Google fixes 8th Chrome zero-day exploited in attacks this year.
Google Chrome emergency update fixes 7th zero-day exploited in 2023.
News URL
Related news
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-24 | CVE-2023-7102 | Unspecified vulnerability in Barracuda products Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. | 9.8 |