Vulnerability Description
An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows an attacker to inject arbitrary code into the terminal, a different vulnerability than CVE-2024-38395.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iterm2 | Iterm2 | >= 3.5.0, < 3.5.2 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2024/06/17/1Mailing List
- https://gitlab.com/gnachman/iterm2/-/commit/fc60236a914d63fb70a5c632e211203a4f1bPatch
- https://iterm2.com/downloads.htmlProduct
- https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-Exploit
- http://www.openwall.com/lists/oss-security/2024/06/17/1Mailing List
- https://gitlab.com/gnachman/iterm2/-/commit/fc60236a914d63fb70a5c632e211203a4f1bPatch
- https://iterm2.com/downloads.htmlProduct
- https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-Exploit
FAQ
What is CVE-2024-38396?
CVE-2024-38396 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), all...
How severe is CVE-2024-38396?
CVE-2024-38396 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-38396?
Check the references section above for vendor advisories and patch information. Affected products include: Iterm2 Iterm2.