Categories: US-Cert-Repository

Barracuda Networks Releases Update to Address ESG Vulnerability

Barracuda Networks has released an update to their advisory addressing a vulnerability—CVE-2023-2868—in their Email Security Gateway Appliance (ESG). According to Barracuda, customers should replace impacted appliances immediately.

CISA urges organizations to review the Barracuda advisory and for all impacted customers to follow the mitigation steps as well as hunt for the listed indicators of compromise (IOCs) to uncover any malicious activity. For more information, see Mandiant’s advisory on Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor.

Note: Customers who used enterprise privileged credentials for management of their Barracuda appliance (such as Active Directory Domain Admin or similar) should take immediate incident investigation steps to validate the use and behavior of all credentials used on the appliance. It is of utmost importance to verify that threat actors have not compromised customer enterprise networks via this entry vector.

Source link

admin

Next Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability »

Previous « CISA Releases Fourteen Industrial Control Systems Advisories

This website uses cookies.

Barracuda Networks Releases Update to Address ESG Vulnerability

Recent Posts

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Six Known Exploited Vulnerabilities to Catalog