Security News

A critical remote command injection vulnerability in some Barracuda Network devices that the vendor patched 11 days ago has been exploited by miscreants - for at least the past seven months. Barracuda said it discovered the bug, tracked as CVE-2023-2868, in its Email Security Gateway appliance on May 19 and pushed a patch to all of these products globally the following day.

Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway appliances had been abused by threat actors since October 2022 to backdoor the devices. The latest findings show that the critical vulnerability, tracked as CVE-2023-2868, has been actively exploited for at least seven months prior to its discovery.

Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers' Email Security Gateway appliances with custom malware and steal data. The company says an ongoing investigation found that the bug was first exploited in October 2022 to gain access to "a subset of ESG appliances" and deploy backdoors designed to provide the attackers with persistent access to the compromised systems.

Barracuda says that the recently discovered compromise of some of it clients' ESG appliances via a zero-day vulnerability resulted in the deployment of three types of malware and data exfiltration.Zeor-day exploited, Barracuda ESG appliances backdoored.

CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway appliances. Federal Civilian Executive Branch Agencies agencies must patch or mitigate the vulnerability as ordered by the BOD 22-01 binding operational directive.

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company's Email Security Gateway appliances. "The vulnerability stems from incomplete input validation of a user-supplied.tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product."

A vulnerability in Barracuda Networks' Email Security Gateway appliances has been exploited by attackers, the company has warned. CVE-2023-2868 is a critical remote command injection vulnerability affecting only physical Barracuda Email Security Gateway appliances, versions 5.1.3.001 - 9.2.0.006.

Barracuda, a company known for its email and network security solutions, warned customers today that some of their Email Security Gateway appliances were breached last week by targeting a now-patched zero-day vulnerability. While the flaw was patched over the weekend, Barracuda warned on Tuesday that some of its customers' ESG appliances were compromised by exploiting the now-patched security bug.