Attackers using ransomware are taking advantage of a TeamCity vulnerability that was recently made public under dubious circumstances, as reported by cybersecurity firms and the product supplier.
JetBrains, the developer of the TeamCity build management and continuous integration server, announced fixes on March 4 for CVE-2024-27198 and CVE-2024-27199, two serious authentication bypass vulnerabilities. CVE-2024-27198, rated critical, allows remote, unauthenticated attackers to gain complete control of a server by creating a new admin user account or generating an admin access token.
Rapid7, the researchers who discovered the vulnerabilities, released information about CVE-2024-27198 and CVE-2024-27199 a few hours after JetBrains announced fixes.
Read More: Recent TeamCity Vulnerability Exploited in Ransomware Attacks
Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.