Security researchers discovered a critical vulnerability in iTerm2 where carefully crafted terminal escape sequences can be used to achieve arbitrary code execution. The SSH integration feature's "conductor" protocol lacks authentication, allowing untrusted terminal output (from files, server responses, or MOTD) to impersonate legitimate protocol messages and trick iTerm2 into running attacker-supplied commands. The vulnerability was discovered through AI-assisted analysis in partnership with OpenAI, reported on March 30, and patched within 24 hours.
Safety
Even "cat readme.txt" is not safe
iTerm2's unauthenticated SSH conductor protocol allows escape sequences embedded in any terminal output—files, MOTD, logs—to execute arbitrary commands.
Friday, April 17, 2026 12:00 PM UTC2 MIN READSOURCE: Hacker NewsBY sys://pipeline
Tags
safety