Audit Finds Critical Vulnerability in Popular macOS Terminal Emulator
A Mozilla security audit has led to the discovery of a critical Remote Command Execution (RCE) vulnerability in the popular iTerm2 macOS Terminal Emulator.
A 7-year old critical remote code execution vulnerability has been discovered in the iTerm2 macOS terminal emulator app, one of the most popular open-source replacements for Mac’s built-in terminal app. It’s one of the most popular terminal emulators in the world and frequently used by developers.
Tracked as CVE-2019-9535, the vulnerability was discovered via a security audit funded by the Mozilla Open Source Support Program (MOSS). This vulnerability has been present in the macOS Terminal Emulator for at least 7 years. An attacker who can produce output to the terminal can, in many cases, execute commands on the user’s computer.
“Typically, this vulnerability would require some degree of user interaction or trickery, but because it can be exploited via commands generally considered safe, there is a high degree of concern about the potential impact,” Mozilla warns.
Audit Your Network for Vulnerable iTerm2 Installations
The vulnerability affects versions up to and including 3.3.5 and has recently been patched with the release of version 3.3.6. If you currently have iTerm2 macOS Terminal Emulator on your workstations, it’s pretty critical that you update it at the earliest opportunity to ensure that you don’t fall prey to this RCE vulnerability.
Our custom iTerm2 Vulnerability Audit Report can tell you in no time which devices have an outdated terminal version in place and need to be patched. The audit gives you an overview of how many devices are affected and you can monitor the update process to ensure your environment is fully patched.
If you haven’t already, start your free Lansweeper trial and get a list of all vulnerable iTerm2 installations in no time.
