Security News > 2023 > December > Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
2023-12-27 12:35
Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoor on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and open-source library Spreadsheet::ParseExcel that's used by the Amavis scanner within the
News URL
https://thehackernews.com/2023/12/chinese-hackers-exploited-new-zero-day.html
Related news
- Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware (source)
- Chinese hackers breached 20,000 FortiGate systems worldwide (source)
- 20,000 FortiGate appliances compromised by Chinese hackers (source)
- Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign (source)
- Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware (source)
- Chinese APT40 hackers hijack SOHO routers to launch attacks (source)
- Chinese Hackers Target Taiwan and U.S. NGO with MgBot and MACMA Malware (source)
- Chinese hackers deploy new Macma macOS backdoor version (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-24 | CVE-2023-7102 | Unspecified vulnerability in Barracuda products Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. | 9.8 |