Find Vulnerable Barracuda Email Security Gateway Appliances in Your Network
Barracuda is investigating a critical vulnerability in their Email Security Gateway appliances. The remote command injection vulnerability was discovered on the 19th of May but has been actively exploited since October. Patches have been released that address the vulnerability. However, any devices that have already been impacted by the exploits should be replaced immediately. You can read the full story on our Barracuda ESG Vulnerability Blog Post.
The insight page below will help you find all Barracuda ESG appliances in your network. Make sure to apply the patches as soon as possible to protect your network and keep an eye out for impacted devices.
Barracuda ESG Vulnerability Audit Lansweeper On-Prem Query
Select Top 1000000 tblAssets.AssetID, tblAssets.AssetName, tsysAssetTypes.AssetTypeIcon10 As icon, tblAssets.IPAddress, tsysIPLocations.IPLocation, tblAssetCustom.Manufacturer, tblAssetCustom.Model, tblAssets.description, Case When tblErrors.ErrorText Is Not Null Or tblErrors.ErrorText != '' Then 'Scanning Error: ' + tsysasseterrortypes.ErrorMsg Else '' End As ScanningErrors, tblAssets.Lastseen, tblAssets.Lasttried From tblAssets Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype Inner Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID Inner Join tblState On tblState.State = tblAssetCustom.State Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID, Max(tblErrors.Teller) As ErrorID From tblErrors Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID = ScanningError.ID Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype = tblErrors.ErrorType Where tblAssetCustom.Manufacturer Like '%Barracuda%' And (tblAssetCustom.Model Like '%Email Security Gateway%' Or tblAssetCustom.Model Like '%ESG%') And tblState.Statename = 'Active' Order By tblAssetCustom.Model, tblAssets.IPAddress;