all InfoSec news
Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack
Security Boulevard securityboulevard.com
The Legit Security research team has found a vulnerability in Azure Pipelines (CVE-2023-21553) that allows an attacker to execute malicious code in a context of a pipeline workflow, which allows attackers to gain sensitive secrets, move laterally in the organization, and initiate supply chain attacks.
The post Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack appeared first on Security Boulevard.
attack attackers attacks azure azure pipelines code code execution context cve legit legit security malicious organization pipeline pipelines remote code remote code execution research secrets security security boulevard security research software software supply chain software supply chain attack supply supply chain supply chain attack supply chain attacks team vulnerability