Help
FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
bmali
Staff
Staff

Created on ‎12-13-2023 09:23 PM

Article Id 289203

Outbreak Alert: JetBrains TeamCity Unauthenticated Remote Code Execution

FortiRecon provides outside-in coverage for risks toward customers. External Attack Surface Management helps customers identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise. The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb,Telegram, Social media, News / Blogs etc.  

 

CVE ID

CVE-2023-42793

CVE Title    

JetBrains TeamCity Unauthenticated Remote Code Execution

CVE Severity   

High

ACI Coverage    
  • 3 ACI reporting (OSINT) for this vulnerability.  
  • Discussion on 3 Telegram channels:
    • WARLOCK DARK ARMY
    • Freedom F0x
    • Proxy Bar
  • 09 articles referencing this CVE on the security blog.   
  • 4 public code repositories containing possible POC exploits for this vulnerability

Exploited 

Yes

Exploited By Threat Actor(s) 

Diamond Sleet and Onyx Sleet (North Korean Threat Actors)

EASM Scanner    

No

153
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.