
Libraesva ESG flaw patched following targeted attack


Italian software firm Libraesva has issued updates to address a medium-severity security flaw in its Email Security Gateway (ESG) offering that was actively exploited in a state-sponsored attack, BleepingComputer reports.

Threat actors could leverage the Libraesva ESG vulnerability to run arbitrary shell commands from a low-privileged account, with company officials confirming that the bug has already been used at least once in an attack attributed to "a foreign hostile state entity."

All Libraesva ESG versions 4.5 and newer are affected by the issue, which stems from inadequate sanitization when the gateway removes active code from compressed archive files.

Automated updates, which include scanners for indicators of compromise as well as the patch itself, were made available to cloud and on-premises customers within 17 hours of the exploit being detected, according to Libraesva.

However, products that are older than version 5.0 require a manual upgrade before receiving protection, said the firm.
