Replace Barracuda ESG appliances, company urges

Barracuda Networks is urging customers running physical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.”

Vulnerability identification and disclosure

Barracuda identified a critical vulnerability (CVE-2023-2868) in its ESG appliances on May 19, 2023, and pushed a patch to all of them the following day. On May 21, “a script was deployed to all impacted appliances to contain the incident and counter unauthorized access methods.”

The remote command injection vulnerability affected versions 5.1.3.001 to 9.2.0.006 of the physical appliance and was being exploited by attackers in the wild “to obtain unauthorized access to a subset of ESG appliances.” Custom-made malware was deployed on them to achieve persistent access.

Source: Help Net Security

 

