iTerm2 has been one of the most popular open-source replacements for the Mac's built-in Terminal app. Now this open-source app is facing a serious vulnerability that is seven years old. The vulnerability is tracked as CVE-2019-9535. The Mozilla Open Source Support Program (MOSS) found this problem in a security audit. A cybersecurity firm that goes by the name Radical Open Security conducted the audit and found the vulnerability.
iTerm2 processes a lot of untrusted data, and many developers and programmers use it. This is why MOSS selected it for the audit. The data that iTerm2 deals with is very confidential, so it is important to know about any vulnerabilities present in it.
Mozilla published a blog post about the issue. According to the post, this remote code execution (RCE) flaw is present in the tmux integration feature. The terminal is a very important tool, and an attacker can exploit the flaw to execute arbitrary commands. The attacker only needs to supply malicious output to the terminal.
Hacker Can Connect the App with Malicious Websites and Files
The attack can be delivered by connecting the terminal to a malicious SSH server, by using `tail -f` to follow a file containing malicious data, or by using a command like `curl` to fetch a malicious website. In each case the user ends up printing content that the attacker chose, and that content can run arbitrary commands.
A vulnerability of this kind usually requires some trickery to exploit, but the flaw in iTerm2 does not. Even ordinary commands can result in falling prey to an attack, so the level of concern here is higher. The vulnerability affects iTerm2 versions up to and including 3.3.5. It has been patched in the newest version of the software, iTerm2 3.3.6. Users can download this version manually or update the software from within the installed app's menu.
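To check installs against the affected range given above (up to and including 3.3.5), here is an added example that is not from the original article or the iTerm2 project. The install path, the "host version" inventory format and the function names are assumptions.

```shell
#!/bin/sh
# Added example: triage iTerm2 versions against the range the article gives
# for CVE-2019-9535 (affected up to and including 3.3.5).
LAST_AFFECTED="3.3.5"

# Leading digits of one version component, 0 if none ("6beta1" -> 6).
num() { n=${1%%[!0-9]*}; printf '%s' "${n:-0}"; }

# Succeed if dotted version $1 <= $2, comparing up to four numeric components.
version_le() {
    for i in 1 2 3 4; do
        x=$(num "$(printf '%s....\n' "$1" | cut -d. -f"$i")")
        y=$(num "$(printf '%s....\n' "$2" | cut -d. -f"$i")")
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 0
}

# Print "vulnerable" or "patched" for one version string.
classify_iterm2() {
    if version_le "$1" "$LAST_AFFECTED"; then echo vulnerable; else echo patched; fi
}

# Read "host version" lines (assumed inventory format) on stdin and print
# the hosts that still need the update.
vulnerable_hosts() {
    while read -r host ver; do
        [ -n "$ver" ] || continue
        if [ "$(classify_iterm2 "$ver")" = vulnerable ]; then echo "$host"; fi
    done
}

# Local check on macOS; the default install path is an assumption.
APP_PLIST="${APP_PLIST:-/Applications/iTerm.app/Contents/Info.plist}"
if [ -f "$APP_PLIST" ] && [ -x /usr/libexec/PlistBuddy ]; then
    v=$(/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$APP_PLIST")
    echo "iTerm2 $v: $(classify_iterm2 "$v")"
fi
```

Pre-release suffixes are ignored, so a beta of 3.3.5 is reported as vulnerable, and components are compared numerically rather than as text.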