Flutterby™! : Barracude ESG vulnerability

Whoah! What happens when you can't guarantee that your boot is coming from completely clean media: Barracuda Networks Email Security Gateway Appliance Vulnerability:

ACTION NOTICE: Impacted ESG appliances must be immediately replaced regardless of patch version level. If you have not replaced your appliance after receiving notice in your UI, contact support now [elided]

Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG.

I mean, we know that when you can field upgrade the BIOS you can get devices into this kind of a state, but that's a very strong argument for the BIOS to be little more than a boot sector loader. Instead we seem to be going to more and more BIOS capabilities...