CISA Releases IOCs Associated with Malicious Barracuda Activity - 20230901003

Overview

Following Barracuda's advisory on the Barracuda ESG vulnerability, which included known indicators of compromise (IOCs), CISA has released additional IOCs associated with exploitation of CVE-2023-2868.

CVE-2023-2868 is a remote command injection vulnerability affecting the Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Threat actors exploited this vulnerability as a zero-day as early as October 2022 to gain access to ESG appliances.

Recommendation

The WA SOC recommends administrators review the CISA article, which contains the downloadable STIX, as well as additional relevant and important links: