ASA-2019-00556 – iTerm2: Remote command execution via output to the terminal

During the audit, Radically Open Security identified a critical vulnerability in the tmux integration feature of iTerm2. An attacker who can produce output to the terminal can, in many cases, execute commands on the user’s computer. Example attack vectors for this would be connecting to an attacker-controlled SSH server or commands like curl and tail -f /var/log/apache2/referer_log.