Critical vulnerability discovered in Helix Core Server could give full system control to hackers
Four vulnerabilities have been discovered by Microsoft in the Perforce Helix Core Server, with one of them giving the ability for an intruder to remotely execute commands from the ‘LocalSystem’ account.
Helix Core Server offers a single location for storage and access to digital content, often used to store code, and allows an enhanced workflow by providing multiple users access to the same file content and its history.
The software is used by Microsoft’s game developers, and the vulnerabilities were discovered during a security review of the product. It is widely used across a range of other sectors, including government, military, and technology.
High scores across the board
Three of the vulnerabilities received a CVSS score of 7.5, and involve using either remote commands or RPC header abuse to cause a denial of service (DoS). However, the most dangerous vulnerability received a CVSS score of 9.8 and a ‘critical’ rating, as the vulnerability allows threat actors to execute code remotely as the LocalSystem user.
This is particularly dangerous as the LocalSystem user is primarily used to execute system functions, and has privileged access to system files and other sensitive resources, meaning that if this vulnerability were to be successfully exploited it could surrender complete control of the targeted system.
Moreover, this vulnerability also allows threat actors to install backdoors giving them the opportunity to access systems at a later date to steal sensitive information or plan a ransomware attack.
The full list of vulnerabilities as summarized on the NIST National Vulnerability Database is:
- CVE-2023-5759 (CVSS score 7.5): Unauthenticated (DoS) via RPC header abuse.
- CVE-2023-45849 (CVSS score 9.8): Unauthenticated remote code execution as LocalSystem.
- CVE-2023-35767 (CVSS score 7.5): Unauthenticated DoS via remote command.
- CVE-2023-45319 (CVSS score 7.5): Unauthenticated DoS via remote command.
Helix Core Server users can upgrade to the latest version, 2023.1/2513900, to protect themselves from this vulnerability, and Perforce also offered a number of security recommendations in this security guide.
Via BleepingComputer
More from TechRadar Pro
Four vulnerabilities have been discovered by Microsoft in the Perforce Helix Core Server, with one of them giving the ability for an intruder to remotely execute commands from the ‘LocalSystem’ account. Helix Core Server offers a single location for storage and access to digital content, often used to store code,…
Recent Posts
- The newest Star Wars Acolyte trailer seems to reveal the show’s big bad
- 6-screen laptop manufacturer is very much alive — Acme Portable’s Megapac L3 is the original hexadisplay mobile powerstation and is still on sale, shame that it is still using old dual CPU tech from AMD and Intel
- ChromeOS gets better multitasking and Wi-Fi traffic prioritization
- Huge Google Pixel 8a leak includes all the predicted specs – and a price
- Huge Google Pixel 8a leak includes all the predicted specs – and a price
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011