C
CISA
Guest
CISA has released additional [indicators of compromise (IOCs)] associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances.
Download the newly released IOCs associated with this activity:
AIS IB-23-20071 IOCs Associated with Exploitation of Barracuda ESG Vulnerability CVE-2023-2868 16132771.stix_.json (JSON, 0.00 KB )
Review the following advisories for more information:
See CISA Releases Malware Analysis Reports on Barracuda Backdoors for malware analysis reports (MARs) covering previously released IOCs and YARA rules and Barracuda Networks Releases Update to Address ESG Vulnerability.
Continue reading...
Download the newly released IOCs associated with this activity:
AIS IB-23-20071 IOCs Associated with Exploitation of Barracuda ESG Vulnerability CVE-2023-2868 16132771.stix_.json (JSON, 0.00 KB )
Review the following advisories for more information:
- Mandiant: Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
- Barracuda: Barracuda Email Security Gateway Appliance (ESG) Vulnerability
See CISA Releases Malware Analysis Reports on Barracuda Backdoors for malware analysis reports (MARs) covering previously released IOCs and YARA rules and Barracuda Networks Releases Update to Address ESG Vulnerability.
Continue reading...