Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which may allow authenticated attackers to achieve remote code execution and gain control of the server. “As of September 25, 2023, Rapid7 is not aware of in-the-wild exploitation of CVE-2023-42793, and no public exploit code is available,” shared Caitlin Condon, head of vulnerability research at Rapid7. About CVE-2023-42793 CVE-2023-42793 is an authentication bypass vulnerability that … More
The post Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793) appeared first on Help Net Security.