Latest Zero-Day Vulnerabilities: UNC4841 Targets Barracuda ESG with CVE-2023-7102, Apache OFBiz Authentication Bypass (CVE-2023-51467)
The UNC4841 group, linked to China, is targeting Barracuda Email Security Gateway (ESG) appliances by exploiting a new zero-day vulnerability identified as CVE-2023-7102. Attackers use specially crafted Excel files attached to emails to target a limited number of Barracuda ESG devices and deploy new variants of SeaSpy and SaltWater malware. A publicly available Proof-of-Concept (PoC) exploit raises concerns about potential widespread impact.

Another recently discovered zero-day vulnerability, CVE-2023-51467, affects Apache OFBiz, an open-source Enterprise Resource Planning (ERP) system. The vulnerability resides in the login functionality and allows attackers to bypass authentication protections, ultimately enabling a Server-Side Request Forgery (SSRF) attack. To safeguard against potential threats, it is advised to promptly update to Apache OFBiz version 18.12.11 or later.

CVEs: CVE-2023-7102, CVE-2023-2868, CVE-2023-49070, CVE-2023-51467, CVE-2023-7101

Malware: SALTWATER, SEASPY

[View Article](https://socradar.io/latest-zero-day-vulnerabilities-unc4841-targets-barracuda-esg-with-cve-2023-7102-apache-ofbiz-authentication-bypass-cve-2023-51467/)