JetBrains has issued a warning to its customers regarding a critical security vulnerability found in its TeamCity On-Premises software, used for continuous integration and continuous deployment (CI/CD). This flaw, identified as CVE-2024-23917 and rated 9.8 out of 10 in severity according to the Common Vulnerability Scoring System (CVSS), poses a significant risk.
According to JetBrains, the vulnerability could allow threat actors to exploit a susceptible TeamCity On-Premises instance and potentially gain administrative control of it. All versions from 2017.1 through 2023.11.2 are affected; version 2023.11.3 fixes the issue.
JetBrains credits the discovery of the flaw to an external security researcher on January 19, 2024. It advises users to update their servers to version 2023.11.3 or, if an immediate update is not feasible, to apply a security patch plugin. For servers reachable from the internet, JetBrains recommends making them temporarily inaccessible until mitigation measures are in place.
While there’s no evidence of exploitation yet, it’s worth noting that a similar vulnerability in the same product (CVE-2023-42793, also with a CVSS score of 9.8) was actively exploited shortly after its public disclosure last year by threat actors including ransomware groups and state-sponsored entities associated with North Korea and Russia.