Barracuda Networks has warned organizations whose Barracuda Email Security Gateway (ESG) appliances were compromised through an already-addressed zero-day vulnerability, tracked as CVE-2023-2868, to immediately replace the affected appliances, BleepingComputer reports.
"Impacted ESG appliances must be immediately replaced regardless of patch version level. Barracuda's remediation recommendation at this time is full replacement of the impacted ESG," said Barracuda, which did not provide more details on the reason behind the need for total ESG replacement.
Analysis by Barracuda revealed that the security flaw, which was patched on May 20, had been leveraged by attackers since October to compromise certain ESG appliances with the Saltwater malware. Threat actors have also deployed the malicious SeaSide tool to enable reverse shells through SMTP HELO/EHLO commands, with the compromise enabling data exfiltration efforts.
The flaw has also been added by the Cybersecurity and Infrastructure Security Agency to its Known Exploited Vulnerabilities catalog.
Nearly 12,000 internet-facing Juniper firewall devices were discovered by VulnCheck to be impacted by a new medium-severity remote code execution vulnerability, which could be exploited to facilitate the execution of arbitrary code without the need to create a file, The Hacker News reports.