Barracuda Email Security Zero-Day

Published On: May 25, 2023Categories: Cyber Alerts

In today’s SensCy Cyber Alert, your SensCy team urges Barracuda product users to install the new update immediately. The latest update remediates One new zero-day vulnerability in the Email Security Gateway (ESG) appliances. Barracuda released two patches on May 19 and 21.

CVE-2023-2868 is a remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product affecting versions 5.1.3.001-9.2.0.006.

According to Barracuda Security, “ the vulnerability “resulted in unauthorized access to a subset of email gateway appliances.” Other products, such as the software-as-a-service (SaaS) email security, were not affected.

Barracuda also said that their investigation was limited to the ESG product, so it’s on customers to review their environments and determine if there are additional actions they want to take

What is a zero-day vulnerability?

In cybersecurity, a zero-day vulnerability refers to a vulnerability in a system or device that has been disclosed but not yet patched. The vulnerability was discovered before developers and security researchers were aware of it and could provide a patch/update.

How to check for new updates:

Here is a knowledge-based article from Barracuda to apply security patches.

SensCy recommends that all systems have automatic updates turned on.
If you need additional information, please contact your client advocate.

Related Posts

  • June 13, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Brief, your SensCy team reviewed Adobe latest release of security updates. We recommend installing those updates immediately if you are using [...]

  • June 13, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team recommends Google Chrome Browser users to install the new Chrome Version 126 immediately. The new update patches [...]

  • June 6, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team is reviewing latest disclosure of vulnerabilities by WordPress. There were 99 vulnerabilities discovered, including 82 WordPress plugin. [...]