Security News > 2023 > December > Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
2023-12-27 12:35
Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoor on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and open-source library Spreadsheet::ParseExcel that's used by the Amavis scanner within the
News URL
https://thehackernews.com/2023/12/chinese-hackers-exploited-new-zero-day.html
Related news
- Chinese hackers breach US local governments using Cityworks zero-day (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)
- Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers (source)
- Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)
- Hackers earn $1,078,750 for 28 zero-days at Pwn2Own Berlin (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-24 | CVE-2023-7102 | Unspecified vulnerability in Barracuda products Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. | 9.8 |