Platform: other
Component: helix-sync
Fixed in: 2024.1
CVE-2024-0325 describes a Command Injection vulnerability discovered in Helix Sync. This flaw allows a local attacker to execute arbitrary commands on the system. The vulnerability affects versions prior to 2024.1, and a fix is available in version 2024.1. Bryan Riggins reported the issue.
Successful exploitation of CVE-2024-0325 could allow an attacker with local access to execute arbitrary commands on the system running Helix Sync. This could lead to a complete system compromise, including data theft, modification, or destruction. The attacker would need to be present on the same machine as the vulnerable Helix Sync instance to exploit this vulnerability. The potential impact is significant, as it bypasses standard authentication and authorization mechanisms.
CVE-2024-0325 is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting a low probability of immediate widespread exploitation. The vulnerability was disclosed on 2024-02-01.
Exploit Status
EPSS: 0.11% (29th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2024-0325 is to upgrade Helix Sync to version 2024.1 or later. If an immediate upgrade is not possible, restrict local access to the Helix Sync server to only trusted users. Consider implementing stricter file system permissions to limit the attacker's ability to execute commands. There are no specific WAF or proxy rules applicable to this local command injection vulnerability. After upgrading, verify the fix by attempting to execute a command through the vulnerable endpoint and confirming that it is blocked.
Update Helix Sync to version 2024.1 or later. The update fixes the command injection vulnerability and protects your system. See the Perforce documentation for detailed instructions on how to update.
CVE-2024-0325 is a Command Injection vulnerability affecting Helix Sync versions prior to 2024.1. It allows a local attacker to execute arbitrary commands.
You are affected if you are running a Helix Sync version earlier than 2024.1 (affected range 0.0.0–2024.1, with 2024.1 being the fixed release) and have not yet upgraded to version 2024.1 or later.
Upgrade Helix Sync to version 2024.1 or later. If immediate upgrade is not possible, restrict local access to the server.
There are currently no widespread reports of active exploitation, but the vulnerability remains a risk.
Refer to the Helix Sync release notes and security advisories on the official Helix Sync website for details.