Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)

Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which may allow authenticated attackers to achieve remote code execution and gain control of the server. “As of September 25, 2023, Rapid7 is not aware of in-the-wild exploitation of CVE-2023-42793, and no public exploit code is available,” shared Caitlin Condon, head of vulnerability research at Rapid7. About CVE-2023-42793 CVE-2023-42793 is an authentication bypass vulnerability that … More →

The post …

attackers attacks aware code code execution continuous continuous delivery continuous integration control critical critical vulnerability cve delivery development don't miss exploited hot stuff integration jetbrains jetbrains teamcity may rapid7 remote code remote code execution september server software software delivery software development solution supply supply chain supply chain attacks vulnerability