Digital safety starts here for both commercial and personal use.

Defend Your Business Against the Latest WNY Cyber Threats. We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is here to help you choose the best service providers in Western New York. We DO NOT provide the services ourselves; we are Internet programmers who have to deal daily with cyber threats (ugh), so we know what it's like and what it takes to protect OUR and OUR CUSTOMERS' DATA. We built this website to help steer you to those who can give you the best service at realistic and non-inflated prices. We do not charge or collect any fees.

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

Cyber Security Threat Summary:
CISA has added a recently patched zero-day vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to apply the fixes by June 16, 2023. Tracked as CVE-2023-2868, the flaw is related to a remote code injection impacting Barracuda Email Security Gateway (ESG) appliances, versions 5.1.3.001 through 9.2.0.006.

According to NIST's national vulnerability database, “the vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product.”
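The kind of file-name check the NVD description says was incomplete, as an added example (not Barracuda's code or patch, and not part of the original article): it reads only the member names of a tar archive and flags any that contain shell metacharacters. The metacharacter set, the function names, and the sample archive are assumptions constructed for illustration.

```python
import io
import re
import tarfile

# Assumption: characters a POSIX shell treats specially. A name containing any
# of them must never be interpolated into a shell command line.
SHELL_META = re.compile(r"[`$;|&<>(){}\\'\"!*?\[\]~\n\r]")


def risky_member_names(archive_bytes):
    """Return (name, offending_chars) for members whose names are unsafe in a shell."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        for member in tar:  # reads headers only; nothing is extracted
            hits = sorted(set(SHELL_META.findall(member.name)))
            if hits:
                findings.append((member.name, "".join(hits)))
    return findings


def build_sample_archive(names):
    """Build a constructed in-memory tar of empty files for the demo."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            tar.addfile(tarfile.TarInfo(name=name), io.BytesIO(b""))
    return buf.getvalue()


# Constructed sample names; the flagged one carries a harmless substitution.
SAMPLE = build_sample_archive([
    "invoice.pdf",
    "photos/team-2023.jpg",
    "report`echo constructed`.txt",
])

if __name__ == "__main__":
    for name, chars in risky_member_names(SAMPLE):
        print(f"QUARANTINE {name!r}: shell metacharacters {chars!r}")
```

Filtering names like this is defence in depth. The root fix for this bug class is to pass file names to helper programs as separate arguments without invoking a shell at all.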

The flaw was identified by Barracuda on May 19, 2023, leading the company to deploy a patch across all ESG devices worldwide a day later. On further investigation, Barracuda found that threat actors had leveraged the vulnerability to gain unauthorized access to a subset of its email gateway appliances. As a result, the company rolled out a second fix on May 21 as part of its containment strategy.

“The vulnerability existed in a module which initially screens the attachments of incoming emails. No other Barracuda products, including our SaaS email security services, were subject to this vulnerability,” stated Barracuda in a recent advisory.

Security Officer Comments:
The attacks in the wild have yet to be attributed to a known threat group. As of writing, Barracuda has not disclosed how many of its appliances were impacted. Barracuda did note that users of the affected appliances were notified via the ESG user interface of actions to take, and that the company is also reaching out separately to these individuals.

Suggested Correction(s):
“Barracuda’s investigation was limited to the ESG product, and not the customer’s specific environment. Therefore, impacted customers should review their environments and determine any additional actions they want to take” (Barracuda, 2023).

Link(s):
https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html
https://status.barracuda.com/incidents/34kx82j5n4q9