CVE-2023-42793: TeamCity Critical Auth Bypass (2023)

9.8 CRITICAL

Published: 2023-09-19 | Affected: JetBrains TeamCity < 2023.05.4 | CWE-288

Was TeamCity exploited by nation-state actors?

CVE-2023-42793 is an authentication bypass in the JetBrains TeamCity on-premises server. A remote, unauthenticated attacker can reach the TeamCity Server REST API and create a new admin user, leading to full compromise of the build server.

Impact & Exploitation

The vulnerability has been exploited by the North Korean Lazarus Group (Diamond Sleet) and Russian APT29. Exploitation enables source code theft, secret extraction, and supply chain attacks through the CI/CD pipeline.
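To triage a fleet against the affected range stated above (TeamCity < 2023.05.4), the following added example classifies servers from an inventory of version banners; it is not part of the original report or of Precogs tooling. The banner format, host names and build numbers are constructed assumptions.

```python
import re

# Fixed release per the advisory above: anything below this is affected.
FIXED = (2023, 5, 4)

# Pulls the dotted version out of a banner such as
# "TeamCity Professional 2023.05.3 (build 00000)" (assumed format).
_VERSION_RE = re.compile(r"\b(20\d{2})\.(\d{1,2})(?:\.(\d+))?\b")


def parse_version(banner):
    """Return (year, month, patch), or None when no version is present."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    year, month, patch = m.groups()
    # A banner like "2023.11" has no patch component; treat it as patch 0.
    return (int(year), int(month), int(patch or 0))


def classify(banner):
    """Map a banner to 'affected', 'fixed' or 'unknown'."""
    version = parse_version(banner)
    if version is None:
        return "unknown"  # needs manual review, never assumed safe
    return "affected" if version < FIXED else "fixed"


def triage(inventory):
    """inventory: {host: banner}. Returns {status: sorted list of hosts}."""
    result = {"affected": [], "fixed": [], "unknown": []}
    for host, banner in inventory.items():
        result[classify(banner)].append(host)
    return {status: sorted(hosts) for status, hosts in result.items()}


# Constructed sample inventory (hosts, editions and build numbers are made up).
SAMPLE = {
    "ci-01.example": "TeamCity Professional 2023.05.3 (build 00000)",
    "ci-02.example": "TeamCity Enterprise 2023.05.4 (build 00000)",
    "ci-03.example": "TeamCity Professional 2022.10.4 (build 00000)",
    "ci-04.example": "TeamCity Enterprise 2023.11 (build 00000)",
    "ci-05.example": "version hidden by reverse proxy",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as `unknown` should be checked by hand rather than treated as patched.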

How Precogs AI Detects TeamCity Critical Auth Bypass (2023)

Precogs AI identifies authentication bypass vulnerabilities in compiled CI/CD platform binaries and detects exposed build server management APIs during security assessments.

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.