Barracuda Urges Customers to Replace Appliances Affected by Zero-day Flaw
Enterprise security company, Barracuda, has issued a warning to its customers to replace its Email Security Gateway (ESG) appliances which have been affected by a zero-day flaw. The company has urged its customers to replace the appliances regardless of patch version level or to take them offline until a replacement can be arranged.
What is a Zero-day Flaw?
A zero-day flaw is a previously unknown vulnerability in software that is being exploited by attackers before the software vendor is even aware of the vulnerability.
How Was the Flaw Found?
The flaw was discovered by two researchers at Exodus Intelligence, and it affects Barracuda ESG firmware versions 7.0.1 and 7.0.2. Customers with earlier versions are likely to be affected as well. The security flaw could potentially allow an attacker to remotely take over the ESG appliance and gain unauthorised access to email traffic.
What is Barracuda Doing?
Barracuda has warned its customers, asking them to replace the appliances that have been affected. However, as of yet, it has not issued any statement or advice about how customers can avoid such incidents in the future.
Enterprise security company Barracuda has urged its customers to immediately replace its ESG appliances which have been affected by a zero-day flaw. The vulnerability was discovered by Exodus Intelligence, and it potentially allows attackers to remotely take control of the ESG appliance and gain unauthorised access to email traffic. Barracuda has not given any advice on how to avoid such incidents in the future, but is advising customers to replace their affected appliances immediately.