Barracuda, a prominent provider of email and network security solutions, has proactively reached out to a number of companies that were targeted through a zero-day vulnerability discovered in its Email Security Gateway (ESG) appliances. The vulnerability, identified as CVE-2023-2868, has been classified as a remote command injection flaw.
Over the weekend, Barracuda promptly applied two fixes to address the vulnerability. However, on Tuesday, the company discovered that some of its clients were still compromised by undisclosed threat actors, despite the implemented patches.
Barracuda has initiated an investigation and determined that the vulnerability led to unauthorized access to a subset of email gateway appliances. Affected users have been notified through the ESG user interface and given guidance on the actions needed to mitigate the impact. Barracuda has also reached out to these customers directly to provide assistance and support.
The zero-day vulnerability affected only Barracuda’s Email Security Gateway (ESG) product and did not impact customers’ corporate networks. As a precaution, Barracuda has advised its clients to review their environments thoroughly to ensure that the attackers did not use the vulnerability to gain access to other endpoints within their networks.
Barracuda emphasized that customers who have not received a notification through the ESG user interface have no reason to believe that their environment has been compromised. Therefore, no specific actions are required from these customers at this time, according to Barracuda’s statement provided to BleepingComputer.
While Barracuda has taken swift action to address the vulnerability and assist affected customers, the company has chosen not to divulge additional details about the incident. Consequently, critical information such as the identity of the attackers, the victims, and the exact number of compromised companies remains undisclosed.
Barracuda’s comprehensive range of enterprise-grade security solutions is utilized by over 200,000 organizations worldwide. Notable names among its clientele include Samsung, Mitsubishi, Kraft Heinz, and Delta Airlines, among others. As a trusted provider of security solutions, Barracuda’s proactive response to this vulnerability demonstrates its commitment to ensuring the protection and resilience of its customers’ digital infrastructure.