image credit: Pexels

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

May 26, 2023

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances.

The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions through

The California-headquartered firm said the issue is rooted in a component that screens the attachments of incoming emails.

“The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives),” according to an advisory from the NIST’s national vulnerability database.

Read More on The Hacker News