Jason GeffnerI recently discovered a new CVSS 10.0 vulnerability in Perforce Helix Core Server that allows for unauthenticated remote code execution (RCE) as LocalSystem. Read all about it and three new CVSS 7.5 vulnerabilities in my blog post below.
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server | Microsoft Security Blog
Four new unauthenticated remotely exploitable security vulnerabilities discovered in the popular source code management platform Perforce Helix Core Server have been remediated after being responsibly disclosed by Microsoft. Perforce Server customers are strongly urged to update to version 2023.1/2513900.