Patch Now: Barracuda Email Security Gateway (ESG) Appliance Zero-Day Vulnerability

On June 6, 2023, Barracuda Networks released an updated vulnerability notice instructing affected customers to replace their on-prem Email Security Gateway (ESG) appliances.

Barracuda became aware of suspicious network activity from on-prem Barracuda ESG appliances on May 18, 2023. An investigation supported by cybersecurity firm Mandiant discovered a vulnerability, CVE-2023-2868, in an attachment screening module, which Barracuda remotely patched.

Barracuda has identified affected appliances and released a list of Indicators of Compromise (IOC). As of June 6, Barracuda’s latest guidance is to have any known affected ESG appliances decommissioned and replaced with a new Barracuda appliance.

This vulnerability is suspected of being exploited as early as October 2022 and has been used to deploy malware containing backdoor capabilities. 

The entire disclosure and most up-to-date information is available here: https://www.barracuda.com/company/legal/esg-vulnerability 

– Kaseya Threat Management Team