BianLian group exploits JetBrains TeamCity bugs in ransomware attacks Pierluigi Paganini March 11, 2024 BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by […]
Hackers are exploiting a critical authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, leading to the creation of hundreds of unauthorized users on unpatched instances.
The JetBrains TeamCity On-Premises CI/CD solution has been found to have two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) that can allow remote attackers to take control of the server and modify system settings without authentication.
The vulnerability, tracked as CVE-2024-23917, affects all versions of TeamCity On-Premises from 2017.1 through 2023.11.2 and can lead to remote code execution attacks without requiring user interaction.
Feb 07, 2024NewsroomCybersecurity / Software Security JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its […]
In-the-wild exploitation of a critical vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch was announced. The vulnerability, tracked as CVE-2023-42793, impacts the on-premises version of TeamCity and it allows an unauthenticated attacker with access to a targeted server to achieve remote code execution […]
Sep 26, 2023THNVulnerability / Source Code A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following […]