all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-2868: Barracuda and FBI Recommend Replacing Email Security Gateway (ESG) Devices Immediately

Add to bookmarks
Aug. 30, 2023, 7:13 p.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

CVE-2023-2868: Barracuda and FBI Recommend Replacing Email Security Gateway (ESG) Devices Immediately

Since October 2022, attackers have been exploiting a zero-day vulnerability in Barracuda Email Security Gateway devices, and both the vendor and the FBI urge customers to replace these devices immediately


Background


On May 19, Barracuda published an incident report that detailed an investigation into a zero-day vulnerability in its Email Security Gateway (ESG) appliances:









CVEDescriptionCVSSv3Severity
CVE-2023-2868Barracuda ESG Appliance Remote Command Injection Vulnerability9.8Critical …

attackers barracuda customers cve cve-2023-2868 devices email email security email security gateway esg exploiting fbi gateway may october security security gateway vendor vulnerability zero-day zero-day vulnerability

Visit resource

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 5 days, 6 hours ago | www.tenable.com
adaptive security arcanedoor blog called +15
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 1 week ago | www.tenable.com
advisory april crushftp customers +23
Oracle April 2024 Critical Patch Update Addresses 239 CVEs 1 week, 6 days ago | www.tenable.com
addresses april cpu critical +12
CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild 2 weeks, 4 days ago | www.tenable.com
alto april attacks command +25
Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) 3 weeks ago | www.tenable.com
addresses april critical critical vulnerabilities +13
Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils 1 month ago | www.tenable.com
CVE-2023-48788: Critical Fortinet FortiClientEMS SQL Injection Vulnerability 1 month, 2 weeks ago | www.tenable.com
address advisory arbitrary code attacker +20
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407) 1 month, 2 weeks ago | www.tenable.com
CVE-2024-27198, CVE-2024-27199: Two Authentication Bypass Vulnerabilities in JetBrains TeamCity 1 month, 3 weeks ago | www.tenable.com

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs