Widely used source code management platform Perforce Helix Core Server was discovered by Microsoft to be impacted by four security flaws, including a critical remote code execution vulnerability and three high-severity denial-of-service bugs, which have already been patched last month, reports BleepingComputer. Threat actors could leverage the critical flaw, tracked as CVE-2023-45849, to facilitate code execution through the LocalSystem Windows OS account with escalated privileges, which could be later used for system settings modifications, malware deployment, data exfiltration, and system takeovers, according to Microsoft.
Source: SC Magazine