Widely used source code management platform Perforce Helix Core Server was discovered by Microsoft to be impacted by four security flaws, including a critical remote code execution
vulnerability and three high-severity denial-of-service bugs, which have already been patched last month, reports BleepingComputer
Threat actors could leverage the critical flaw, tracked as CVE-2023-45849, to facilitate code execution through the LocalSystem Windows OS account with escalated privileges, which could be later used for system settings modifications, malware deployment, data exfiltration, and system takeovers, according to Microsoft. On the other hand, exploitation of the remaining flaws, tracked as CVE-2023-5759, CVE-2023-35767, and CVE-2023-45319, could enable potentially significant disruptions from DoS attacks. Such flaws should prompt not only the implementation of Helix Core's latest version but also the adoption of regular third-party software updates, TLS certificates with proxies, crash alerts, and segmented networks, but also the logging of all Perforce Server access and the utilization of VPNs or IP allow-lists to limit access, noted Microsoft.