Barracuda patches an actively exploited zero-day vulnerability in its email security gateway.
A zero-day vulnerability (CVE-2023-2868) has been identified in Barracuda's email security gateway appliance. If exploited, it could allow a threat actor to remotely execute system commands within Barracuda's product.
According to reports, the vulnerability has been actively exploited to gain unauthorized access to a subset of the devices. However, Barracuda has declined to disclose the exact number of customers impacted or whether any customer data was compromised.
Barracuda has taken immediate action to address the issue. The company identified the vulnerability on May 19 and applied a security patch to all impacted appliances globally on May 20. A second patch was issued on May 21 as part of Barracuda's containment strategy.
The flaw is a remote command injection vulnerability in a module for email attachment screening. It is a concern because the affected module is an additional security layer on a product that organizations rely on for defense.
Impacted customers have been notified and are advised to review their environments and determine any additional actions they want to take. It's essential for these customers to prioritize their security measures to ensure the safety of their data.
Barracuda had more than 200,000 customers when investment firm KKR acquired the company from Thoma Bravo in April 2022. No other Barracuda products or services were subject to the vulnerability.
Vulnerabilities that threaten products organizations rely on for defense can be more damaging. A report by insurance provider Coalition indicates that common vulnerabilities and exposures (CVEs) are on pace to average more than 1,900 per month this year.
In conclusion, while Barracuda has taken swift action to address the vulnerability, it serves as a reminder for all organizations to remain vigilant in their cybersecurity efforts. It's crucial to stay updated on potential threats and take proactive measures to protect against them.