Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-110365
HistoryOct 09, 2019 - 12:00 a.m.

iTerm2 CVE-2019-9535 Remote Command Execution Vulnerability

2019-10-0900:00:00
Symantec Security Response
www.symantec.com
23

0.005 Low

EPSS

Percentile

77.3%

JSON

Description

iTerm2 is prone to a remote command-injection vulnerability Attackers can exploit this issue to execute arbitrary commands on the system. iTerm2 version 3.3.5 and prior versions are vulnerable.

Technologies Affected

  • iTerm2 iTerm2 3.0.4
  • iTerm2 iTerm2 3.1.0
  • iTerm2 iTerm2 3.1.5
  • iTerm2 iTerm2 3.2.0
  • iTerm2 iTerm2 3.2.5
  • iTerm2 iTerm2 3.3.0
  • iTerm2 iTerm2 3.3.1
  • iTerm2 iTerm2 3.3.2
  • iTerm2 iTerm2 3.3.3
  • iTerm2 iTerm2 3.3.4
  • iTerm2 iTerm2 3.3.5

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of a successful exploit, run server software with the least privileges required and in restricted environments while still maintaining functionality.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to websites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Do not follow links provided by unknown or untrusted sources.
Never follow links provided by unknown or untrusted sources.

Implement multiple redundant layers of security.
Implement measures such as ‘.htaccess’ to provide an additional layer of authentication for sensitive or privileged information.

Updates are available. Please see the references or vendor advisory for more information.

Related

prion 1
cert 1
attackerkb 1
thn 1
cisa 1
osv 1
cve 1
cvelist 1
nvd 1
prion
prion
Command injection
2019-10-09 20:15:00
cert
cert
iTerm2 with tmux integration is vulnerable to remote command execution
2019-10-09 00:00:00
attackerkb
attackerkb
iTerm2 with tmux integration is vulnerable to remote command execution
2019-10-09 00:00:00
thn
thn
7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App
2019-10-09 18:38:00
cisa
cisa
iTerm2 Vulnerability
2019-10-09 00:00:00
osv
osv
CVE-2019-9535
2019-10-09 20:15:33
cve
cve
CVE-2019-9535
2019-10-09 20:15:33
cvelist
cvelist
CVE-2019-9535 iTerm2, up to and including version 3.3.5, with tmux integration is vulnerable to remote command execution
2019-10-09 00:00:00
nvd
nvd
CVE-2019-9535
2019-10-09 20:15:33

0.005 Low

EPSS

Percentile

77.3%

JSON
Related for SMNTC-110365
prion1cert1attackerkb1thn1cisa1osv1cve1cvelist1nvd1