Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally - 20231214002¶
Overview¶
The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK's National Cyber Security Centre (NCSC) assess Russian Foreign Intelligence Service (SVR) cyber actors are targeting servers hosting JetBrains TeamCity software since September 2023.
What is the vulnerability?¶
CVE-2023-42793 - CVSS v3 Base Score: 9.8
What is vulnerable?¶
The vulnerability affects the following products:
- JetBrains TeamCity before 2023.05.4
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours... (refer Patch Management):