CVE-2019-9535
CRITICAL
iTerm2 <= 3.3.5 - Remote Code Execution via tmux Control Mode
Title source: llm
Description
A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands on the victim's computer by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. It could be exploited using command-line utilities that print attacker-controlled content.
References (3)
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://kb.cert.org/vuls/id/763073/
Exploit, Third Party Advisory x_refsource_misc
https://blog.mozilla.org/security/2019/10/09/iterm2-critical-issue-moss-audit/
Mailing List x_refsource_confirm
https://groups.google.com/forum/#%21topic/iterm2-discuss/57k_AuLdQa4
Scores
CVSS v3: 9.8
EPSS: 0.0248
EPSS Percentile: 82.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-349, CWE-74
Status: published
Products (1)
iterm2/iterm2: < 3.3.5
Published: Oct 09, 2019
Tracked Since: Feb 18, 2026