Barracuda security advisory (AV23-300) - Update 1

From: Canadian Centre for Cyber Security

Serial number: AV23-300
Date: May 31, 2023
Updated: June 15, 2023

Between May 23 and 30, 2023, Barracuda published security advisories to address a critical vulnerability in the following product:

  • Barracuda Email Security Gateway Appliance – versions 5.1.3.001 to 9.2.0.006

Barracuda has indicated that CVE-2023-2868 has been actively exploited.

Update 1

On June 15, 2023, Barracuda updated their advisory related to vulnerability CVE-2023-2868. Included within the advisory were references to a security blog published by Mandiant that provided a detailed analysis of the reported activity, indicators of compromise (IOCs) and network and file-based signatures that organizations can leverage for their network defences.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: