CISA has launched further indicators of compromise (IOCs) related to exploitation of CVE-2023-2868. CVE-2023-2868 is a distant command injection vulnerability affecting Barracuda E-mail Safety Gateway (ESG) Equipment, variations 5.1.3.001-9.2.0.006. Malicious menace actors exploited this vulnerability as a zero day as early as October 2022 to realize entry to ESG home equipment.
Obtain the newly launched IOCs related to this exercise:
Overview the next advisories for extra info:
See CISA Releases Malware Analysis Reports on Barracuda Backdoors for malware evaluation studies (MARs) masking beforehand launched IOCs and YARA guidelines and Barracuda Networks Releases Update to Address ESG Vulnerability.