Cybersecurity experts from Barracuda recently found and patched a high-severity vulnerability in some of its Email Security Gateway (ESG) devices.
The flaw, tracked as CVE-2023-7102, is an Arbitrary Code Execution (ACE) vulnerability found in a third-party library called Spreadsheet::ParseExcel. This library is used by the Amavis virus scanner inside the ESG appliances, the experts said. By crafting a custom Excel attachment, attackers would be able to exploit the flaw and run virtually any code on the vulnerable device, unabated.
Together with Mandiant, Barracuda’s researchers concluded that the flaw was being leveraged by a Chinese threat actor tracked as UNC4841. This group has been using the ACE flaw to drop new variants of the SEASPY and SALTWATER malware.
Open source in peril
“On December 22, 2023, Barracuda deployed a patch to remediate compromised ESG appliances which exhibited indicators of compromise related to the newly identified malware variants,” the company said in an announcement. No action from the user’s side is required, Barracuda concluded, adding that its investigation into the matter is ongoing.
While Barracuda did address the problem within its own ecosystem, the open-source library remains vulnerable, the company stressed. “For organizations using Spreadsheet::ParseExcel in their own products or services, we recommend reviewing CVE-2023-7101 and promptly taking necessary remediation measures,” it concluded.
This isn’t the first time Barracuda’s ESG appliances have been targeted by UNC4841, BleepingComputer reminds. In May, the group used another zero-day vulnerability, CVE-2023-2868, as part of its cyber-espionage campaign. At the time, the company said the hackers had been abusing the flaw for more than half a year and were deploying previously unknown malware. Roughly a third of all targeted endpoints belonged to government agencies, Mandiant confirmed.
Barracuda claims to be servicing more than 200,000 organizations all around the world, including major brands such as Samsung, Mitsubishi, or Delta Airlines.