Critical TeamCity Bugs Endanger Software Supply Chain

Cloud versions of the JetBrains TeamCity software development platform manager have already been updated against a new pair of critical vulnerabilities, but on-premises deployments need immediate patching, a security advisory from the vendor warned this week.

This is the second round of critical TeamCity vulnerabilities in the past two months. The ramifications could be vast: the company's software development lifecycle (SDLC) platform is used across 30,000 organizations, including Citibank, Nike, and Ferrari.

The TeamCity tool manages the software development CI/CD pipeline, which is the process by which code is built, tested, and deployed. The new vulnerabilities, tracked under CVE-2024-27198 and CVE-2024-27199, could allow threat actors to bypass authentication and gain admin control of the victim's TeamCity server, according to a blog post from TeamCity.

The flaws were discovered and reported by Rapid7 in February, the company added. The Rapid7 team is poised to release full technical details imminently, making it critical for teams running TeamCity on-premises versions through 2023.11.3 to get their systems patched before threat actors catch onto the opportunity, the company advised.

In addition to releasing an updated TeamCity version, 2023.11.4, the vendor offered a security patch plugin for teams unable to upgrade quickly.

The CI/CD environment is fundamental to the software supply chain, making it an attractive attack vector for sophisticated advanced persistent threat (APT) groups.

JetBrains TeamCity Bug Endangers Software Supply Chain

In late 2023, governments worldwide raised the alarm that the Russian state-backed group APT29 (aka Nobelium, Midnight Blizzard, and Cozy Bear, the threat actor behind the 2020 SolarWinds attack) was actively exploiting a similar vulnerability in JetBrains TeamCity that could likewise enable software supply chain cyberattacks.

“The ability of an unauthenticated attacker to bypass authentication checks and gain administrative control poses a significant risk not only to the immediate environment but also to the integrity and security of the software being developed and deployed through such compromised CI/CD pipelines,” Ryan Smith, head of product for Deepfence, said in a statement.

Smith added that the data shows a “notable uptick” in both the volume and the sophistication of software supply chain cyberattacks in general.

“The recent JetBrains incident serves as a stark reminder of the criticality of prompt vulnerability management and proactive threat detection strategies,” Smith said. “By fostering a culture of agility and resilience, organizations can enhance their ability to thwart emerging threats and safeguard their digital assets effectively.”
