Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

May 26, 2023Ravie LakshmananEmail Security / Zero-Day

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances.

The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions through

The California-headquartered firm said the issue is rooted in a component that screens the attachments of incoming emails.

“The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives),” according to an advisory from the NIST’s national vulnerability database.

“The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl’s qx operator with the privileges of the Email Security Gateway product.”

The shortcoming, Barracuda noted, was identified on May 19, 2023, prompting the company to deploy a patch across all ESG devices worldwide a day later. A second fix was released on May 21 as part of its “containment strategy.”

Additionally, the company’s investigation uncovered evidence of active exploitation of CVE-2023-2868, resulting in unauthorized access to a “subset of email gateway appliances.”

The company, which has over 200,000 global customers, did not disclose the scale of the attack. It said affected users have

Read more

Explore the site

More from the blog

Latest News