Email Admins will want to take note. Network Admins should investigate the IOC. Security Admins will do what Security Admins do...
"While the investigation is still on-going, Barracuda has concluded the following:
The vulnerability existed in a module which initially screens the attachments of incoming emails. No other Barracuda products, including our SaaS email security services, were subject to the vulnerability identified.
Earliest identified evidence of exploitation of CVE-2023-2868 is currently October 2022.
Barracuda identified that CVE-2023-2868 was utilized to obtain unauthorized access to a subset of ESG appliances.
Malware was identified on a subset of appliances allowing for persistent backdoor access.
Evidence of data exfiltration was identified on a subset of impacted appliances..
Users whose appliances we believe were impacted have been notified via the ESG user interface of actions to take. Barracuda has also reached out to these specific customers. Additional customers may be identified in the course of the investigation.
"While the investigation is still on-going, Barracuda has concluded the following:
Users whose appliances we believe were impacted have been notified via the ESG user interface of actions to take. Barracuda has also reached out to these specific customers. Additional customers may be identified in the course of the investigation.CVE-2023-2868"