Featured in this episode of Chaos Lever
Now this is not something you see every day: A vendor telling you to flat out rip their hardware out of your network.
To quoth the Barracudeth: “Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG.”
Wow. Barracuda Networks’ Email Security Gateway Appliance is the victim here, of a remote command injection vulnerability that effects all modern versions (5.1-current), and can not be fixed.
This was originally documented at the end of May, and given a CVS Score of 9.8- which seems preposterous given what we know now. Chillingly, the report from Barracuda themselves states that the earliest evidence of exploit goes back to October 2022, and that data exfiltration is confirmed to have happened to at least some customers.
Barracuda did pre-emptively notify all customers that they believed to have been affected, but now they’re going public and basically saying… yeah, we’re gonna need you to go ahead and stop using our product. Like, now.