Jason Geffner’s Post

View profile for Jason Geffner, graphic
Jason Geffner

Principal Security Architect at Microsoft

I recently discovered a new CVSS 10.0 vulnerability in Perforce Helix Core Server that allows for unauthenticated remote code execution (RCE) as LocalSystem. Read all about it and three new CVSS 7.5 vulnerabilities in my blog post below. https://lnkd.in/g6J3MFqq

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server | Microsoft Security Blog

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server | Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog

Guy Arazi

Senior Security Researcher @ MSRC V&M Microsoft | Vulnerability Researcher | Cloud & AppSec Enthusiast

10mo

I really like how you've broken down your research from the ground up in your blog post. It's awesome and I think it'll be super helpful for other security researchers too! Kudos 💪

Like
Reply
1 Reaction
Farzan Karimi

Sr. Director, Security Response & Attack Ops | Black Hat + DEFCON Speaker | X-Google Red Team Manager

10mo

Thorough analysis and write up! 👏🏻 (nice finds too)

Like
Reply
1 Reaction
Russ West

Current Security Soothsayer & IAM Incantor, Ex -Meta, -Amazon -Microsoft (ex-FAM?) (ex-AMF?)

10mo

Perchance Perforce proscibes powers poorly!

Like
Reply
2 Reactions
Parsia 👾 Hakimian

Security Engineer - DEF CON Speaker

10mo

Congrats 🎉

Like
Reply
1 Reaction
Eva Benn

Microsoft Red Team | Top 20 Cybersecurity Women of the World 2024 | OWASP Seattle | The Hacking Games | Advisory Board @ CEH (Certified Ethical Hacker) & GIAC | CISSP, CEH, CCSP, Security+, GIAC x5

10mo

That's cool! Nice work!

Like
Reply
1 Reaction
See more comments

To view or add a comment, sign in

Jason Geffner

2,660 followers

View Profile

Explore topics