JetBrains TeamCity Authentication Bypass (CVE-2023-42793)

Read Time:45 Second

What is the Attack?
Multiple cyberthreat actors seen exploiting the authentication bypass flaw in JetBrains TeamCity that could lead to remote code execution. If compromised, access to a TeamCity server would provide malicious actors with access to the software developer’s source code, signing certificates, and the ability to manipulate software compilation and deployment processes. The malicious actors could further use to conduct supply chain operations.

What is the Vendor Solution?

JetBrains released patch on September 18, 2023 to fix the affected TeamCity software on version 2023.05.4, which can be found here: https://www.jetbrains.com/teamcity/download/other.html.

What FortiGuard Coverage is available?

FortiGuard Labs has an IPS signature “JetBrains.TeamCity.CVE-2023-42793.Authentication.Bypass” (with default action is set to “block”) in place and has released Antivirus signatures for the known and related malware to the campaigns targeting the vulnerability (CVE-2023-42793).

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers

Stripe API Skimming Campaign Unveils New Techniques for Theft

Royal Mail Investigates Data Breach Affecting Supplier

Gray Bots Surge as Generative AI Scraper Activity Increases

Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK

Rational Astrologies and Security

North Korea’s Fake IT Worker Scheme Sets Sights on Europe

Steam Surges to Top of Most Spoofed Brands List in Q1

ICO Apologizes After Data Protection Response Snafu

JetBrains TeamCity Authentication Bypass (CVE-2023-42793)

APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5

APPLE-SA-03-31-2025-7 macOS Sequoia 15.4

APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4

APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11

APPLE-SA-03-31-2025-4 iPadOS 17.7.6

APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4