Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account


Microsoft review found four vulnerabilities in Perforce Helix Core Server: remote execution of arbitrary code

2024-05-21 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >


Shulou( Report-- reported on December 19 that Perforce Helix Core Server recently exposed four vulnerabilities, one of which was rated as "critical". Note: Perforce Helix Core Server is a source code management platform widely used by games, government, military and technical departments.

Microsoft analysts found these vulnerabilities when they reviewed its game studio products and reported them to Perforce in late August 2023.

Microsoft said that although there is no evidence that hackers have used these vulnerabilities to launch attacks, it is recommended that users of the product upgrade to 2023.1 Compact 2513900, released on November 7, 2023, to reduce risk.

The four vulnerabilities discovered by Microsoft this time are mainly related to denial of service (DoS) issues, the most serious of which allow attackers to execute arbitrary remote code in LocalSystem mode without authentication.

The main contents of 4 vulnerabilities attached to are as follows:

CVE-2023-5759 (CVSS score 7.5): unauthenticated (DoS) through misuse of RPC headers.

CVE-2023-45849 (CVSS score 9.8): executes unauthenticated remote code as a LocalSystem.

CVE-2023-35767 (CVSS score 7.5): unauthenticated DoS via remote commands.

CVE-2023-45319 (CVSS score 7.5): unauthenticated DoS via remote commands.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

IT Information


© 2024 SLNews company. All rights reserved.