Critical TeamCity Bugs Endanger Software Supply Chain

March 4, 2024 at 06:09PM TeamCity’s cloud versions are already patched against new critical vulnerabilities, but on-premises deployments require immediate patching, warns the vendor. The platform, used by major organizations including Citibank and Nike, manages the software development CI/CD pipeline. The vulnerabilities (CVE-2024-27198 and CVE-2024-27199) could enable threat actors to bypass authentication and gain admin … Read more

Patch Now: Critical TeamCity Bug Allows for Server Takeovers

February 7, 2024 at 01:33PM JetBrains has issued a security patch for a critical vulnerability in its TeamCity On-Premises server, which could be exploited by remote attackers to gain control over the server. This impacts all versions from 2017.1 to 2023.11.2. Users are urged to update to the patched version or install a security patch … Read more

JetBrains urges swift patching of latest critical TeamCity flaw

February 7, 2024 at 07:37AM JetBrains urges all TeamCity (on-prem) users to upgrade to the latest version due to a critical vulnerability (CVE-2024-23917) with a 9.8 CVSS score, allowing unauthenticated remote attackers to seize control of vulnerable servers. This affects versions from 2017.1 to 2023.11.2, patched in 2023.11.3. Admins are advised to upgrade immediately or … Read more

Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover – Patch Now

February 7, 2024 at 04:02AM JetBrains warns of critical security flaw (CVE-2024-23917) in TeamCity On-Premises software, allowing unauthenticated attackers to gain administrative control. Users advised to update to version 2023.11.3 or use a security patch plugin. Vulnerability affects versions from 2017.1 to 2023.11.2. No known exploits, but caution urged due to past similar incidents. Key … Read more

JetBrains warns of new TeamCity auth bypass vulnerability

February 6, 2024 at 12:36PM JetBrains has issued a critical security alert, urging customers to patch their TeamCity On-Premises servers to address a vulnerability (CVE-2024-23917) allowing attackers to gain admin privileges through remote code execution attacks. Customers are advised to update to version 2023.11.3 immediately. An earlier flaw (CVE-2023-42793) has been exploited by various threat … Read more

Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users

December 14, 2023 at 09:14AM Summary: Authorities warn that Russia’s SVR’s cyber unit is exploiting a critical vulnerability in JetBrains TeamCity CI/CD server. The exploit could enable manipulation of source code, and potentially facilitate future attacks. The advisory outlines the SVR’s cyber operations and their long-term objectives in cyberspace. Mitigations and indicators of compromise are … Read more

North Korean State Actors Attack Critical Bug in TeamCity Server

October 19, 2023 at 04:33PM North Korean state-backed threat groups, Diamond Sleet and Onyx Sleet, are exploiting a critical vulnerability in JetBrains TeamCity server to carry out cyber espionage, data theft, and other malicious activities. Over 30,000 organizations, including Citibank, Nike, and Ferrari, use TeamCity. The vulnerability allows attackers to gain administrative privileges and execute … Read more

North Korean Hackers Exploiting Recent TeamCity Vulnerability

October 19, 2023 at 07:06AM Multiple North Korean threat actors, including Diamond Sleet and Onyx Sleet, have been targeting vulnerable TeamCity servers using the CVE-2023-42793 vulnerability, which allows remote code execution and admin-level access. Microsoft warns that these threat actors have a history of conducting software supply chain attacks and poses a high risk to … Read more