Barracuda fixes new ESG zero-day exploited by Chinese hackers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

[ad_1]

Cybersecurity experts from Barracuda recently discovered and patched a high-severity vulnerability in some of its email security gateway (ESG) devices.

The flaw, tracked as CVE-2023-7102, is an Arbitrary Code Execution (ACE) vulnerability found inside a third-party library called Spreadsheet::ParseExcel. This library is used by the Amavis virus scanner, within the ESG appliance, the experts said. By crafting a custom Excel attachment, the attackers would able to exploit the flaw and run pretty much any code on the vulnerable device, unabated.

[ad_2]

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW