iTerm2 with tmux integration is vulnerable to remote command execution

A vulnerability exists in the way that iTerm2 integrates with tmux’s control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execute arbitrary commands on their victim’s computer by providing malicious output to the terminal. It could be exploited using command-line utilities that print attacker-controlled content.

Recent assessments:

busterb at October 09, 2019 11:13pm UTC reported:

It’s probably just as important to choose terminal emulators that have minimal feature sets if you are doing administration work in the first place. iTerm2 in particular has a lot of features that are internally labeled as insecure, so it probably makes sense to evaluate if you are actually using those features and if you need them.

A maybe growing thread on exploitation: <https://twitter.com/TheColonial/status/1182032288785166336&gt;

Also here’s where to disable some of the other features by answering ‘Yes’ to this setting.

Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 1