Email and web security solutions provider Barracuda has contacted companies that were targeted through a zero-day vulnerability discovered in some of the company’s equipment.
The company recently discovered a zero-day vulnerability in its Email Security Gateway (ESG) appliance. The vulnerability, tracked as CVE-2023-2868, is described as a remote command injection vulnerability.
Over the weekend, Barracuda applied two fixes that effectively fixed the issue. However, on Tuesday, the company learned that some of its customers were still being compromised by an unnamed threat actor.
“Based on our investigation to date, we have determined that this vulnerability resulted in unauthorized access to a subset of email gateway devices,” the company said. “Users whose devices we believe were impacted have been informed of the action to take through the ESG user interface. Barracuda has also contacted these specific customers.”
No other Barracuda products are affected by the flaw, the company said.
The flaw only affects ESG products, not its customers’ corporate networks, which is why Barracuda recommends its customers review their environments and ensure attackers are not moving laterally to other endpoints.
“If the client had not received our notification through the ESG UI, we have no reason to believe their environment has been impacted at this time and no action is required by the client,” Barracuda said beep computer.
The company did not want to discuss the issue further, leaving some questions unanswered. That is, we do not know the identity of the attacker or the victim. We also don’t know how many companies Barracuda thinks have been compromised.
According to the company, more than 200,000 organizations around the world are using its enterprise-level security solutions, including such big names as Samsung, Mitsubishi, Kraft Heinz, Delta Air Lines, and more.
pass: beep computer