Barracuda asks customers to replace vulnerable Email Security Gateway

Share post:

Barracuda Networks has informed customers to immediately decommission and replace any Email Security Gateway (ESG) appliances that may be affected by a critical security vulnerability. The vulnerability, which has been assigned the CVE-2023-2868 identifier, allows attackers to remotely execute arbitrary system commands on affected devices.

Barracuda estimates that approximately 5% of active ESG appliances worldwide are affected by the vulnerability. The Cybersecurity and Infrastructure Security Agency (CISA) has also issued an advisory about the vulnerability and has urged organizations to take immediate action to mitigate the risk.

According to a report by Rapid7, malicious actors have been exploiting the CVE-2023-2868 vulnerability since November 2022. But Barracuda did not disclose the specific reason for its recommendation to replace affected ESG appliances instead of patching them.

The advisory also mentions several strains of malware, including Saltwater, SeaSpy, and Seaside, that were used to exploit the bug, granting hackers unauthorized access and the ability to carry out various actions on victim networks.

The sources for this piece include an article in TheRecord.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways