CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances. 

Members are encouraged to download the newly released IOCs associated with this activity. Read more at CISA.

Previous WaterISAC Reporting:

• EPA Distributes Advisory Emphasizing Importance of Addressing Barracuda ESG Vulnerability
• FBI FLASH: Suspected PRC Cyber Actors Continue to Globally Exploit Barracuda ESG Zero-Day Vulnerability