Sunday, June 7, 04:04
Home security iTerm macOS Terminal: Found with 7 critical vulnerability

iTerm macOS Terminal: Found with 7 critical vulnerability

iTermAccording to researchers, the iTerm macOS terminal app, an open-source application, which replaces the built-in terminal app of Mac devices, was found to be a critical one vulnerability. This vulnerability has been known for 7 years. Has been named CVE-2019-9535. It was discovered by Mozilla Open Source Support Program in one of its tests.

The iTerm 2 The app processes a large amount of data, which is not protected. In addition, it is used by many developers. This is a very popular application. Given the large amount of information it manages and the importance of this information (this is very confidential) data), detection of any vulnerability is of the utmost importance.

According to a blog post by Mozilla, the issue is very important. it is about a RCE vulnerability in tmux integration. The malicious hackers could exploit the vulnerability to execute various commands.

What can they do? hackers;

Hackers could use vulnerability for any malicious activity. For example, they could link the terminal app to the malicious one server SSH or use the tail-f attribute to track a malicious file and link it to the app. In addition, they could link the app to some malware website.

Usually, this vulnerability requires some tricks to be used by hackers. However, according to them researchers, iTerm vulnerability can be used much easier. All versions of iTerm up to 3.3.5 are vulnerable to the error. The team behind iTerm fixed the problem in the new 2.3.6 release. The experts recommend that all users of the app install the update in order to protect themselves from vulnerability. Users can download the update themselves or update it software using the installed applications menu.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Lyrics from AI technology or from people: Can you tell them apart?

While a large percentage of people can recognize when they are talking on a chatbot instead of a human operator, it seems that this is not the case ...

Technology and children: When are they ready for safe use?

Today's children and teens use various messaging apps and social media to ...

Call of Duty Black Ops Cold War: The first video leaked

The first video from the gameplay of Call of Duty 2020, which is rumored to be called Black Ops Cold War, has just been revealed.

Elon Musk: "It's time to break up Amazon"

Elon Musk intensifies the fight with Jeff Bezos with a new tweet: The General Manager of Tesla Inc., Elon Musk, said ...

Attack on America's 5G towers on Saturday!

Protests over 5G connectivity are scheduled to take place over the weekend, according to NATE. According to a recommendation that was identified ...

Windows 10 Updates: You can block them with Wu10Man!

Microsoft launched the Windows 10 update in May 2020, so it will be available on your computer soon ....

ECh0raix Ransomware: New campaign targets QNAP NAS devices!

Malicious agents behind eCh0raix Ransomware have launched a new campaign targeting QNAP NAS devices. ECh0raix was observed ...

Mac: How to change the storage location of your screenshots?

When you take screenshots on your Mac device using the Shift-Command-3 shortcut to take a screenshot of the entire computer screen or Shift-Command-4 ...

Malware USBCulprit: Aims devices that are not connected to a network

Did you think that devices without any connection to a local or other network (air-gapped devices) are safe? Think again! The USBCulprit malware that ...

Free Microsoft Teams: You can finally create meetings!

Users of the free version of Microsoft Teams can now create video meetings. The change, identified by ...