Serial number: AV23-300
Date: May 31, 2023
Updated: June 15, 2023
Between May 23 and 30, 2023, Barracuda published security advisories to address a critical vulnerability in the following product:
- Barracuda Email Security Gateway Appliance – versions 5.1.3.001 to 9.2.0.006
Barracuda has indicated that CVE-2023-2868 has been actively exploited.
Update 1
On June 15, 2023, Barracuda updated their advisory related to vulnerability CVE-2023-2868. Included within the advisory were references to a security blog published by Mandiant that provided a detailed analysis of the reported activity, indicators of compromise (IOCs) and network and file-based signatures that organizations can leverage for their network defences.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.