Security News > 2023 > December > Microsoft discovers critical RCE flaw in Perforce Helix Core Server
Four vulnerabilities, one of which is rated critical, have been discovered in the Perforce Helix Core Server, a source code management platform widely used by the gaming, government, military, and technology sectors.
The four flaws discovered by Microsoft mainly involve denial of service issues, with the most severe allowing arbitrary remote code execution as LocalSystem by unauthenticated attackers.
The most dangerous flaw of the set, CVE-2023-45849, allows unauthenticated attackers to execute code from 'LocalSystem,' a high-privileged Windows OS account reserved for system functions.
In its default configuration, Perforce Server permits unauthenticated attackers to remotely execute arbitrary commands, including PowerShell scripts, as LocalSystem.
By leveraging CVE-2023-45849, attackers may install backdoors, access sensitive information, create or modify system settings, and potentially take complete control of the system running a vulnerable version of Perforce Server.
Hackers are exploiting critical Apache Struts flaw using public PoC. Sophos backports RCE fix after attacks on unsupported firewalls.
News URL
Related news
- Veeam warns of critical RCE bug in Service Provider Console (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- New critical Apache Struts flaw exploited to find vulnerable servers (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-45849 | Code Injection vulnerability in Perforce Helix Core An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. | 9.8 |