CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog
October 05, 2023
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the JetBrains TeamCity flaw CVE-2023-42793 (CVSS score: 9.8) and Windows bug CVE-2023-28229 (CVSS score: 7.0) to its Known Exploited Vulnerabilities Catalog.
Below are the descriptions of the two vulnerabilities:
- CVE-2023-42793 JetBrains TeamCity Authentication Bypass Vulnerability. The vulnerability is an authentication bypass issue affecting the on-premises version of TeamCity. An attacker can exploit the flaw to steal source code and stored service secrets and private keys of the target organization. By injecting malicious code, an attacker can also compromise the integrity of software releases and impact all downstream users.
- CVE-2023-28229 Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability. At the end of August a cybersecurity researcher released the details, and a proof-of-concept (PoC) exploit for this vulnerability. The vulnerability, which has a CVSS score of 7.0, could allow an attacker to gain specific limited SYSTEM privileges.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix this flaw by October 25, 2023.
This week the US CISA also added a Use-After-Free Vulnerability, tracked as CVE-2023-4211, in Arm Mali GPU Kernel Driver to the Catalog. CISA orders federal agencies to fix this flaw by October 24, 2023.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Known Exploited Vulnerabilities catalog)