Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)
A critical remote command injection vulnerability (CVE-2023-2868) has been discovered in Barracuda Networks' Email Security Gateway (ESG) appliances, affecting versions 5.1.3.001 – 9.2.0.006. The vulnerability arises from incomplete input validation of user-supplied .tar files, allowing remote attackers to execute system commands. Barracuda identified the vulnerability on May 19, 2023, and released patches on May 20 and 21, 2023. The company has notified impacted users and advised them to rotate any credentials connected to the ESG appliance, including LDAP, AD, Barracuda Cloud Control, FTP, SMB credentials, and private TLS certificates. Barracuda's investigation was limited to the ESG product, so customers are responsible for reviewing their environments and determining any additional actions they want to take.

CVEs: CVE-2023-2868

[View Article](https://www.helpnetsecurity.com/2023/05/25/cve-2023-2868/)