CVE-2025-22275: iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the...

9.3 CVSS

Description

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.

Classification

CVE ID: CVE-2025-22275

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.3

Affected Products

Vendor: iTerm2

Product: iTerm2

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://iterm2.com/downloads/stable/iTerm2-3_5_11.changelog
https://news.ycombinator.com/item?id=42579472
https://gitlab.com/gnachman/iterm2/-/wikis/SSH-Integration-Information-Leak

Timeline

2025-01-04 00:30:23 UTC
CVE

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the...