A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execute arbitrary commands on their victim's computer by providing malicious output to the terminal. It could be exploited using command-line utilities that print attacker-controlled content.
Workaround:
The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
| Link | Tags |
|---|---|
| https://kb.cert.org/vuls/id/763073/ | third party advisory us government resource |
| https://blog.mozilla.org/security/2019/10/09/iterm2-critical-issue-moss-audit/ | third party advisory exploit |
| https://groups.google.com/forum/#%21topic/iterm2-discuss/57k_AuLdQa4 |