Identity and Access Vulnerabilities
JetBrains has released security updates addressing a series of critical vulnerabilities in its on-premises products. The most severe flaws are in JetBrains Hub and YouTrack, which serve as central identity management and project tracking systems. In Hub, a critical bug allows account takeover through predictable restore codes, enabling attackers to guess recovery tokens and hijack user accounts. Another Hub flaw lets attackers escalate privileges by attaching authentication details from other accounts to their own profile. Additionally, multiple Hub vulnerabilities enable authentication bypass through direct database access, granting full administrative capabilities without valid credentials. YouTrack also suffers from a critical authentication bypass tied to direct database access, allowing an attacker to gain administrative control over the issue tracking system.
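To make the restore-code weakness concrete, here is an added example (not JetBrains code; the page does not describe how Hub actually generates its codes) contrasting a hypothetical predictable generator, seeded from public data, with a hardened issue/redeem pair: CSPRNG-sourced, stored only as a digest, time-limited, single-use and compared in constant time.

```python
import hashlib
import hmac
import random
import secrets
import time
from typing import Dict, Optional

# Hypothetical in-memory restore-code store (assumption: a real system would use
# its user database).  Only digests are stored, so reading the table does not
# yield live codes.
_store: Dict[str, dict] = {}
TTL_SECONDS = 15 * 60


def weak_restore_code(user_id: str, issued_at: int) -> str:
    """Predictable: seeded from user id + request time, so anyone who knows roughly
    when a reset was requested can regenerate the same six digits."""
    rng = random.Random(f"{user_id}:{issued_at}")
    return "".join(rng.choice("0123456789") for _ in range(6))


def issue_restore_code(user_id: str, now: Optional[float] = None) -> str:
    """Hardened: 256 bits from the OS CSPRNG, stored hashed, expires after TTL_SECONDS."""
    now = time.time() if now is None else now
    code = secrets.token_urlsafe(32)
    _store[user_id] = {
        "digest": hashlib.sha256(code.encode()).hexdigest(),
        "expires": now + TTL_SECONDS,
        "used": False,
    }
    return code


def redeem_restore_code(user_id: str, code: str, now: Optional[float] = None) -> bool:
    """Constant-time digest comparison; a code is accepted once, and only before expiry."""
    now = time.time() if now is None else now
    rec = _store.get(user_id)
    if rec is None or rec["used"] or now > rec["expires"]:
        return False
    ok = hmac.compare_digest(rec["digest"], hashlib.sha256(code.encode()).hexdigest())
    if ok:
        rec["used"] = True  # invalidate on success so a leaked code cannot be replayed
    return ok
```

The weak generator returns the same code for the same user and timestamp on every call, which is exactly the property a reset flow must not have; the hardened pair shows the checks (entropy, hashing at rest, expiry, single use) an audit of a recovery flow should look for.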
Code Execution and Supply Chain Risks
Beyond the identity layer, JetBrains has fixed several execution-level vulnerabilities that can be chained with compromised accounts. Kotlin is affected by unsafe deserialization in build cache metadata, allowing arbitrary code execution during builds. GoLand contains a remote code execution flaw rooted in untrusted project configuration, exploitable simply by opening a malicious project. IntelliJ IDEA suffers from command injection through filename completion and command execution via the guest user account. A TeamCity flaw enables remote code execution through Perforce connection settings, posing a significant software supply chain risk. An attacker who first abuses an authentication bypass in Hub or YouTrack and then leverages an RCE primitive in TeamCity or an IDE can pivot from a single foothold to full control over builds, artifacts, and deployments. Administrators should prioritize upgrading Hub and YouTrack, restrict direct database access, enforce strong authentication, and audit logs for anomalous activity.
Source: Cyber Security News
