CISA warns govt agencies of recently patched Barracuda zero-day
27-May-23
CISA issued a warning about a newly patched zero-day vulnerability that was used to breach Barracuda Email Security Gateway (ESG) devices last week. More than 200,000 firms globally, including well-known brands like Samsung, Mitsubishi, Kraft Heinz, and Delta Airlines, according to Barracuda, use its security solutions. Based on this proof of ongoing exploitation, the American cybersecurity agency added the bug (CVE-2023-2868) to its list of security weaknesses that have been actively exploited.The BOD 22-01 binding operational directive mandates that Federal Civilian Executive Branch (FCEB) entities repair or reduce the vulnerability.
