Security News > 2019 > October > 7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App
2019-10-09 18:49
A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac's built-in terminal app. Tracked as CVE-2019-9535, the vulnerability in iTerm2 was discovered as part of an independent security audit funded by the Mozilla Open Source Support Program (MOSS) and conducted by cybersecurity
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/m8ppnO200X0/iterm2-macos-terminal-rce.html
Related news
- Fortinet warns of critical RCE bug in endpoint management software (source)
- Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool (source)
- Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-9535 | Injection vulnerability in Iterm2 A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. | 9.8 |