Security News > 2023 > December > Barracuda fixes new ESG zero-day exploited by Chinese hackers
Network and email security firm Barracuda says it remotely patched all active Email Security Gateway appliances on December 21 against a zero-day bug exploited by UNC4841 Chinese hackers.
The company deployed a second wave of security updates a day later on already compromised ESG appliances where the attackers deployed SeaSpy and Saltwater malware.
Disclosed on Christmas Eve and tracked as CVE-2023-7102, the zero-day is due to a weakness in the Spreadsheet::ParseExcel third-party library used by the Amavis virus scanner running on Barracuda ESG appliances.
In May, the same hacker group used another zero-day to target Barracuda ESG appliances as part of a cyber-espionage campaign.
Google fixes 8th Chrome zero-day exploited in attacks this year.
Google Chrome emergency update fixes 7th zero-day exploited in 2023.
News URL
Related news
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Chinese hackers breached T-Mobile's routers to scope out network (source)
- Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers (source)
- U.S. org suffered four month intrusion by Chinese hackers (source)
- Chinese hackers use Visual Studio Code tunnels for remote access (source)
- White House links ninth telecom breach to Chinese hackers (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- Chinese hackers also breached Charter and Windstream networks (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-24 | CVE-2023-7102 | Unspecified vulnerability in Barracuda products Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. | 9.8 |