Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack

The Legit Security research team has found a vulnerability in Azure Pipelines (CVE-2023-21553) that allows an attacker to execute malicious code in a context of a pipeline workflow, which allows attackers to gain sensitive secrets, move laterally in the organization, and initiate supply chain attacks.

The post Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack appeared first on Security Boulevard.