CVE-2021-31899

8.8 HIGH

📋 TL;DR

This vulnerability in JetBrains Code With Me allows clients in read-only mode to execute arbitrary code on the host system. It affects all JetBrains IDEs with Code With Me enabled before version 2021.1. Users who collaborate using Code With Me's read-only mode are vulnerable to remote code execution.

💻 Affected Systems

Products:
  • All JetBrains IDEs with Code With Me feature (IntelliJ IDEA, PyCharm, WebStorm, etc.)
Versions: All versions before 2021.1
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when Code With Me collaboration feature is enabled and being used.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with read-only access can execute arbitrary code on the host system, potentially leading to full system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Malicious collaborators could execute code on the host system during shared coding sessions, compromising development environments and potentially accessing sensitive source code or credentials.

🟢 If Mitigated

With proper network segmentation and limited collaboration permissions, impact would be contained to isolated development environments.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an attacker to be invited as a read-only collaborator, making it a targeted attack rather than mass exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2021.1 or later

Vendor Advisory: https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/

Restart Required: Yes

Instructions:

1. Open your JetBrains IDE.
2. Go to Help > Check for Updates.
3. Install the update to version 2021.1 or later.
4. Restart the IDE after the installation completes.

🔧 Temporary Workarounds

Disable Code With Me (Platforms: all)

Temporarily disable the Code With Me collaboration feature until patching is possible.

In IDE: File > Settings > Tools > Code With Me > uncheck 'Enable Code With Me'

Network Restriction (Platforms: all)

Restrict Code With Me to trusted internal networks only.

Configure the firewall to block the Code With Me port (default 443) from external networks.

🧯 If You Can't Patch

  • Disable Code With Me feature entirely in IDE settings
  • Only collaborate with trusted individuals and monitor session activity closely

🔍 How to Verify

Check if Vulnerable:

Check the IDE version in Help > About. If the version is below 2021.1 and Code With Me is enabled, the system is vulnerable.

Check Version:

In IDE: Help > About (shows version number)

Verify Fix Applied:

Verify IDE version is 2021.1 or higher in Help > About.
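The check above is a manual one per IDE. For an inventory of developer machines it is easier to compare version strings programmatically, and a naive string comparison gets this wrong (for example "2020.10" sorts before "2020.3" as text). The following is an added example, not code from JetBrains or from this page; it assumes version strings in the form shown in Help > About (such as "2020.3.4", optionally followed by an edition name) and applies the page's own rule: affected if the version is below 2021.1 and Code With Me is enabled. The inventory rows are constructed sample data.

```python
import re
from typing import Dict, List, Tuple

# First version in which CVE-2021-31899 is fixed, per the advisory cited on this page.
FIXED_VERSION = "2021.1"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a JetBrains IDE version string such as '2020.3.4' into a tuple of ints.

    Trailing text after the numeric part (an edition name or build tag) is ignored,
    so '2020.3 (Community Edition)' parses the same as '2020.3'. Anything without a
    leading dotted number raises ValueError instead of silently comparing as "fixed".
    """
    match = re.match(r"\s*(\d+(?:\.\d+)*)", version)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_vulnerable(version: str, code_with_me_enabled: bool = True) -> bool:
    """Return True if this IDE install is affected by CVE-2021-31899.

    Tuple comparison is component-wise and numeric, so (2020, 10) < (2021, 1) and
    (2021, 1, 2) is not below (2021, 1). The page states the issue only applies when
    Code With Me is enabled, so a disabled feature is reported as not vulnerable
    even on an old build (it still needs the update, but is not exposed).
    """
    if not code_with_me_enabled:
        return False
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory: List[Dict[str, object]]) -> List[str]:
    """Return the hostnames that are vulnerable, in inventory order.

    Each inventory row is assumed (hypothetical schema) to carry 'host', 'version'
    and 'code_with_me' keys, as an asset-management export might.
    """
    return [
        str(row["host"])
        for row in inventory
        if is_vulnerable(str(row["version"]), bool(row["code_with_me"]))
    ]


# Constructed sample inventory for demonstration only.
SAMPLE_INVENTORY = [
    {"host": "dev-01", "version": "2020.3.4", "code_with_me": True},   # old, enabled
    {"host": "dev-02", "version": "2020.3 (Community Edition)", "code_with_me": False},
    {"host": "dev-03", "version": "2021.1", "code_with_me": True},      # fixed
    {"host": "dev-04", "version": "2021.1.2", "code_with_me": True},    # fixed
    {"host": "dev-05", "version": "2020.10", "code_with_me": True},     # old despite sorting after 2020.3 as text
]


if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: update to {FIXED_VERSION} or later (or disable Code With Me)")
```

Hosts with Code With Me disabled are left out of the vulnerable list on purpose, matching the page's statement that the feature must be enabled for exposure; they should still be scheduled for the update so the feature cannot be re-enabled on an affected build.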

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process execution during Code With Me sessions
  • Suspicious network connections from IDE process

Network Indicators:

  • Unusual outbound connections from IDE during collaboration sessions

SIEM Query:

process_name:ide* AND (event_type:process_execution OR dest_port:443) AND user:developer
