CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

## Executive Summary CISA added CVE-2024-27198 (CVSS 9.8) — an authentication bypass in JetBrains TeamCity that can allow remote unauthenticated administrative takeover — to its Known Exploited Vulnerabilities catalog after active exploitation was observed starting March 4, 2024. Attackers have weaponized this flaw and the related CVE-2024-27199 to deliver Jasmin ransomware and create hundreds of rogue user accounts; organizations running on-premises TeamCity are urged to apply patches immediately, and U.S. federal agencies were given a remediation deadline of March 28, 2024.