SEASPY is a stealthier module, that looks like a legitimate service, and uses PCAP to monitor traffic and receive commands.
SALTWATER is a backdoor trojan, with the ability to transfer files, execute commands, and host network tunnels. There have been three malware modules identified on the compromised appliances. But the really bad news is that Barracuda found the vulnerability in the wild, and they have found evidence of exploitation as far back as October 2022. It’s a nasty one, ranking a 9.4 on the CVSS scale. The appliance scans attachments automatically, and the file names could trigger the qx operator in a Perl script. The flaw was a command injection bug triggered by. Specific build information on patched firmware has not been made available, but a firmware build containing the patch was deployed on May 20. Tracked as CVE-2023-2868, this one was introduced back in version 5.1.3.001, and only got patched during the 9.2 development cycle.
Barracuda’s Email Security Gateway (ESG) has had a vulnerability in it for years.
0 kommentar(er)
