CyberNews Briefs

iTerm2 Patches Critical Vulnerability Active for 7 Years

For the last seven years, iTerm2, the most used terminal emulator for macOS, contained a critical flaw that could have enabled threat actors to run arbitrary code on vulnerable systems in various ways. This is especially worrisome considering the fact that the application’s user base consists in large part of software developers and system administrators.

Attackers could exploit the vulnerability, tracked as CVE-2019-9535, by getting an iTerm2 user to connect to a malicious SSH server or to request content from a malicious website using the ‘curl’ command. The flaw was found in a recent audit by Radically Open Security and has since been patched.

Read more: iTerm2 Patches Critical Vulnerability Active for 7 Years

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.