Platform
teamcity
Component
teamcity
Fixed in
2025.07
CVE-2025-54531 describes a Path Traversal vulnerability discovered in JetBrains TeamCity. This flaw allows attackers to potentially access arbitrary files on the server by manipulating the plugin unpacking process, specifically on Windows systems. Versions prior to 2025.07 are affected, and a patch is available in version 2025.07.
The Path Traversal vulnerability in TeamCity allows an attacker to bypass access controls and read arbitrary files on the server hosting the TeamCity instance. This is achieved by crafting malicious plugin packages that, when unpacked, contain paths that escape the intended directory structure. Successful exploitation could lead to the exposure of sensitive information such as configuration files containing database passwords, API keys, or even source code repositories. The potential for lateral movement is limited to the server hosting TeamCity, but the blast radius can be significant depending on the data stored on that server. This vulnerability shares similarities with other path traversal exploits where attackers leverage insufficient input validation to access unauthorized resources.
CVE-2025-54531 was publicly disclosed on 2025-07-28. Its severity is rated HIGH with a CVSS score of 7.7. There is no indication of this vulnerability being added to the CISA KEV catalog at this time. Public proof-of-concept exploits are currently unknown, but the nature of path traversal vulnerabilities makes it likely that such exploits will emerge. Active campaigns targeting this vulnerability are not yet confirmed.
Organizations heavily reliant on JetBrains TeamCity for their CI/CD pipelines are particularly at risk. This includes development teams using TeamCity to automate builds, testing, and deployments. Environments with lax plugin installation policies or inadequate file system permissions are also more vulnerable.
• windows / teamcity:
# Flags any plugin path containing a literal '\..\' segment; the dots are escaped so they do not act as regex wildcards
Get-ChildItem -Path "C:\Program Files\JetBrains\TeamCity\plugins\*\" -Recurse -ErrorAction SilentlyContinue | Where-Object {$_.FullName -match '\\\.\.\\'}
• teamcity: Examine TeamCity server logs for plugin installation attempts from untrusted sources or unusual file access patterns during plugin unpacking.
• generic web: Monitor TeamCity server access logs for requests attempting to access files outside of the expected plugin directory structure.
disclosure
Exploit status
EPSS
0.00% (0% percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-54531 is to upgrade TeamCity to version 2025.07 or later, which includes the fix. If an immediate upgrade is not possible, consider temporarily restricting plugin installations to trusted sources only. Implement strict file access controls on the TeamCity server to limit the impact of a potential breach. Monitor TeamCity logs for suspicious activity related to plugin installations and unpacking processes. While a WAF may not directly prevent this vulnerability, it can be configured to detect and block requests containing suspicious path traversal patterns. After upgrading, confirm the fix by attempting to install a test plugin and verifying that the unpacking process does not allow access to files outside the designated plugin directory.
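To make the plugin-unpacking traversal concrete from the defender's side, here is an added example in Python; it is not code from the advisory or from JetBrains. Because the file-system search in the detection section only inspects paths after unpacking, this check instead inspects a plugin archive's entry names before anything is written (drive prefixes, absolute or UNC paths, and `..` segments, with backslashes treated as separators as a Windows unpacker would) and extracts only when every entry is clean, confirming on top of that that each resolved target stays inside the plugin directory. It assumes plugin packages are plain ZIP files and that the unpacker runs on Windows; the two archives, the `my-plugin` layout and all file names are constructed sample data.

```python
"""
Added example, not code from the advisory or from JetBrains: a defender-side
check for the Zip Slip pattern behind a path traversal during plugin unpacking.
It scans a plugin archive for entry names that would escape the unpack
directory and extracts only when every entry is clean.

Assumptions (not taken from the page): plugin packages are plain ZIP files,
and the unpacker runs on Windows, so '\\' counts as a separator and 'C:'
style drive prefixes are possible. Archives below are constructed sample data.
"""
import io
import ntpath
import pathlib
import shutil
import tempfile
import zipfile


def is_unsafe_entry(name: str, windows: bool = True) -> bool:
    """True if an archive entry name could resolve outside the unpack directory.

    Flags: a drive prefix ('C:'), an absolute or UNC path ('/x', '//srv/share'),
    and any '..' path segment, after treating '\\' as a separator on Windows.
    """
    if windows and ntpath.splitdrive(name)[0]:
        return True                        # 'C:\\...' or '\\\\server\\share\\...'
    normalised = name.replace("\\", "/") if windows else name
    if normalised.startswith("/"):
        return True                        # absolute path: ignores the target dir
    return ".." in normalised.split("/")   # a '..' segment climbs out of the tree


def scan_archive(data: bytes, windows: bool = True) -> list[str]:
    """Return the names of all traversal-capable entries in a ZIP held in memory."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist() if is_unsafe_entry(i.filename, windows)]


def safe_extract(data: bytes, dest: pathlib.Path, windows: bool = True) -> list[pathlib.Path]:
    """Extract a ZIP into dest, refusing the whole archive if any entry is unsafe.

    Besides the name check, every resolved target is confirmed to lie under dest,
    which also catches cases the name check does not model (e.g. symlinked dirs).
    """
    dest = dest.resolve()
    bad = scan_archive(data, windows)
    if bad:
        raise ValueError(f"refusing archive: traversal entries {bad}")
    written: list[pathlib.Path] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            rel = info.filename.replace("\\", "/") if windows else info.filename
            target = (dest / rel).resolve()
            if target != dest and dest not in target.parents:
                raise ValueError(f"entry escapes {dest}: {info.filename!r}")
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                shutil.copyfileobj(src, dst)
            written.append(target)
    return written


def build_zip(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory ZIP from {entry_name: content} (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


# Constructed sample archives: a benign plugin layout and one carrying traversal entries.
BENIGN_PLUGIN = build_zip({
    "my-plugin/teamcity-plugin.xml": b"<teamcity-plugin/>",
    "my-plugin/server/my-plugin.jar": b"placeholder-jar-bytes",
})
MALICIOUS_PLUGIN = build_zip({
    "my-plugin/teamcity-plugin.xml": b"<teamcity-plugin/>",
    "..\\..\\conf\\dropped.txt": b"escapes via backslashes and '..'",
    "C:\\Temp\\dropped.txt": b"escapes via a drive-letter absolute path",
})


def main() -> None:
    with tempfile.TemporaryDirectory() as tmp:
        plugins_dir = pathlib.Path(tmp) / "plugins"
        files = safe_extract(BENIGN_PLUGIN, plugins_dir)
        print("benign archive extracted:", [p.relative_to(plugins_dir).as_posix() for p in files])
        try:
            safe_extract(MALICIOUS_PLUGIN, plugins_dir)
        except ValueError as exc:
            print("malicious archive rejected:", exc)


if __name__ == "__main__":
    main()
```

The `windows` flag matters: on a POSIX host a backslash is an ordinary file-name character, so `..\..\conf` is one harmless name there, which is exactly why an unpacker that is only tested on Linux can still be traversable on Windows.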
Upgrade TeamCity to version 2025.07 or later. This update fixes the path traversal vulnerability during plugin unpacking on Windows.
CVE-2025-54531 is a Path Traversal vulnerability in JetBrains TeamCity versions 0–2025.07, allowing attackers to access files via plugin unpacking on Windows.
If you are running JetBrains TeamCity versions 0–2025.07 on a Windows server, you are potentially affected by this vulnerability.
Upgrade to JetBrains TeamCity version 2025.07 or later to remediate the vulnerability. Consider restricting plugin installations to trusted sources as a temporary measure.
While no active exploitation has been confirmed, the vulnerability's nature suggests a potential for exploitation, and it's recommended to apply the patch promptly.
Refer to the JetBrains security advisory for detailed information and updates: [https://www.jetbrains.com/security/announcements/cve-2025-54531/]