Synopsis: Suspected PRC cyber actors continue to exploit CVE-2023-2868 in Barracuda's ESG appliances. Even appliances with patches from Barracuda remain at risk for the insertion of malicious payloads.
Action: The prevailing recommendation from law enforcement is to remove all ESG appliances and check for outgoing connections using the list of indicators they provide.
Fortified recognizes this may not be feasible in all instances, so we further advise considering alternative hardening methods if the primary recommendation by law enforcement cannot be followed.