Perforce software hit with some major security vulnerabilities

• Perforce says it found an authentication bypass flaw affecting all versions of all software
• The flaw could grant malicious actors admin privileges on target endpoints
• A patch is being worked on, so be on your guard

Perforce recently discovered a major vulnerability affecting its entire software portfolio which could allow threat actors to gain full admin access without authentication. It urged its users to apply available mitigations while it works on releasing a patch.

The company said that a team of white-hat hackers found a vulnerability “affecting all versions of the platform” and posing a “severe risk to organizations worldwide, as it allows an attacker to gain full administrative access to the system without authentication.”

The bug is an authentication bypass vulnerability, affecting all versions of all Perforce software, it was said. The company reported it to global security databases, and currently awaits a CVE.

Authentication bypass

“This vulnerability compromises ...