A vulnerability in the Barracuda Email Security Gateway appliance (ESG) has been discovered.
The flaw is tracked under CVE-2023-2868 and lies in a module which initially screens the attachments of incoming emails.
Successful exploitation could allow a remote attacker to obtain unauthorized access persistent backdoor access and data exfiltration.
SkyWatchSM Alert Legend
Glesec Information Sharing Protocol
GLESEC CYBER SECURITY INCIDENT REPORTS are in compliance with the U.S. Department of Homeland Security (DHS) Traffic-Light Protocol (TLP).
Disclosure is Not Limited.
Limited Disclosure, Restricted Only to the Community.
Limited Disclosure, restricted to the Participant's Organization.
Not for Disclosure, Restricted/ Classified - Only Shared with US DHS.