Email and network security solutions provider Barracuda has reached out to several companies targeted by a zero-day vulnerability found in some of the company’s appliances.
The company recently discovered a zero-day vulnerability in its Email Security Gateway (ESG) appliances. The vulnerability, tracked as CVE-2023-2868, is described as a remote command injection flaw.
Over the weekend, Barracuda applied two fixes, which effectively addressed the issue. However, on Tuesday, the company learned that some of its clients were still being compromised by unnamed threat actors.
Review the environment
“Based on our investigation to date, we have determined that the vulnerability resulted in unauthorized access to a subset of email gateway appliances,” the company said. “Users whose appliances we believe are affected have been notified via the ESG user interface of actions to take. Barracuda has also reached out to specific customers.”
Other Barracuda products were not affected by the error, the company said.
The flaw only affects ESG’s product, and not its customers’ corporate networks, so Barracuda advises its clients to review their environment and make sure attackers don’t move later on to other endpoints .
“If a customer does not receive a notification from us through the ESG user interface, we have no reason to believe that their environment is affected at this time and no actions will be taken by the customer,” Barracuda said. Bleeding Computer.
The company did not want to discuss the issue further, leaving some unanswered questions. In other words, we don’t know who the attackers are or the victims. We don’t know how many companies Barracuda believes have been compromised, either.
According to the company, more than 200,000 organizations worldwide use its enterprise-level security solutions, including high-profile names such as Samsung, Mitsubishi, Kraft Heinz, Delta Airlines, and others.
Via: Bleeping Computer