Technology

Critical vulnerability discovered in Helix Core Server could give full system control to hackers

December 19, 2023

Four vulnerabilities have been discovered by Microsoft in the Perforce Helix Core Server, with one of them giving the ability for an intruder to remotely execute commands from the ‘LocalSystem’ account.

Helix Core Server offers a single location for storage and access to digital content, often used to store code, and allows an enhanced workflow by providing multiple users access to the same file content and its history.

The software is used by Microsoft’s game developers, and the vulnerabilities were discovered during a security review of the product. It is widely used across a range of other sectors, including government, military, and technology.

High scores across the board

Three of the vulnerabilities received a CVSS score of 7.5, and involve using either remote commands or RPC header abuse to cause a denial of service (DoS). However, the most dangerous vulnerability received a CVSS score of 9.8 and a ‘critical’ rating, as the vulnerability allows threat actors to execute code remotely as the LocalSystem user.

This is particularly dangerous as the LocalSystem user is primarily used to execute system functions, and has privileged access to system files and other sensitive resources, meaning that if this vulnerability were to be successfully exploited it could surrender complete control of the targeted system.

Moreover, this vulnerability also allows threat actors to install backdoors giving them the opportunity to access systems at a later date to steal sensitive information or plan a ransomware attack.

The full list of vulnerabilities as summarized on the NIST National Vulnerability Database is:

CVE-2023-5759 (CVSS score 7.5): Unauthenticated (DoS) via RPC header abuse.
CVE-2023-45849 (CVSS score 9.8): Unauthenticated remote code execution as LocalSystem.
CVE-2023-35767 (CVSS score 7.5): Unauthenticated DoS via remote command.
CVE-2023-45319 (CVSS score 7.5): Unauthenticated DoS via remote command.

Helix Core Server users can upgrade to the latest version, 2023.1/2513900, to protect themselves from this vulnerability, and Perforce also offered a number of security recommendations in this security guide.

Via BleepingComputer

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

LEAVE A REPLY Cancel reply

EDITOR PICKS

POPULAR POSTS

QUICK LINKS

ABOUT US

FOLLOW US

Cookie bar