Tag

#jetbrains

2 posts tagged #jetbrains.

Analysis · May 20, 2026 · Colten Anderson

The SolarWinds crew spent late 2023 breaking into build servers. That's not a coincidence.

CVE-2023-42793 is an unauthenticated RCE on JetBrains TeamCity. APT29, the Russian service behind SolarWinds, exploited it at scale, and so did North Korean groups. They weren't after one network. A build server is the supply chain.
Analysis · May 5, 2026 · Colten Anderson

TeamCity's path traversal took two years to reach KEV. That's a long time to leave a CI server exposed.

CVE-2024-27199, a path traversal in JetBrains TeamCity On-Premises, was patched in March 2024 and exploited by BianLian ransomware within days. CISA added it to KEV in April 2026 with a May 4 federal deadline. If you're still below 2023.11.4, this is two years overdue.