JetBrains TeamCity Authentication Bypass (CVE-2023-42793)

Read Time:45 Second

What is the Attack?
Multiple cyberthreat actors seen exploiting the authentication bypass flaw in JetBrains TeamCity that could lead to remote code execution. If compromised, access to a TeamCity server would provide malicious actors with access to the software developer’s source code, signing certificates, and the ability to manipulate software compilation and deployment processes. The malicious actors could further use to conduct supply chain operations.

What is the Vendor Solution?

JetBrains released patch on September 18, 2023 to fix the affected TeamCity software on version 2023.05.4, which can be found here: https://www.jetbrains.com/teamcity/download/other.html.

What FortiGuard Coverage is available?

FortiGuard Labs has an IPS signature “JetBrains.TeamCity.CVE-2023-42793.Authentication.Bypass” (with default action is set to “block”) in place and has released Antivirus signatures for the known and related malware to the campaigns targeting the vulnerability (CVE-2023-42793).

Who is the DOGE and X Technician Branden Spikes?

Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites

Attackers Target Japanese Firms with Cobalt Strike

The Combined Cipher Machine

Cybersecurity Job Satisfaction Plummets, Women Hit Hardest

Six Critical Infrastructure Sectors Failing on NIS2 Compliance

US Charges Members of Chinese Hacker-for-Hire Group i-Soon

Smashing Security podcast #407: HP’s hold music, and human trafficking

Cactus ransomware: what you need to know

JetBrains TeamCity Authentication Bypass (CVE-2023-42793)

USN-7323-2: Linux kernel vulnerabilities

USN-7334-1: Firefox vulnerabilities

chromium-134.0.6998.35-1.el10_1

chromium-134.0.6998.35-1.fc41

chromium-134.0.6998.35-1.el9

chromium-134.0.6998.35-1.fc40