CVE-2025-22275

Published Jan 3, 2025

Last updated 10 days ago

Overview

Description
iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.
Source: cve@mitre.org
NVD status: Received

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.3
Impact score: 4.7
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Severity: CRITICAL

Weaknesses

cve@mitre.org
CWE-532

Social media

Hype score
Not currently trending
  1. “NVD - CVE-2025-22275” https://t.co/SgmI2ckPIT

    @stefafafan

    7 Jan 2025

    119 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE Alert: CVE-2025-22275 - https://t.co/AENgY16Vql #OSINT #ThreatIntel #CyberSecurity #cve_2025_22275

    @RedPacketSec

    4 Jan 2025

    75 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 iTerm2 has patched a critical vulnerability (CVE-2025-22275) affecting versions 3.5.6 to 3.5.10. Improper logging during SSH sessions may expose user data. Update to 3.5.11! 💻🛡️ #iTerm2 #macOS #Privacy #CybersecurityNews link: https://t.co/fNPhGjZc4w https://t.co/yvegUeuB4S

    @TweetThreatNews

    4 Jan 2025

    25 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. BaseScore: 9.3, BaseSeverity: CRITICAL, id: CVE-2025-22275, published: 2025-01-03T05:15:08.243, sourceIdentifier: cve@mitre.org, url: https://t.co/AqFTnnrciW, vulnStatus: Received

    @CVETracker

    4 Jan 2025

    18 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

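  5. A critical vulnerability in iTerm2, the popular terminal emulator for macOS. CVE-2025-22275 has a CVSS score of 9.3; the SSH integration feature ends up writing the user's input and output to /tmp/framer.txt on the remote host. This file is readable by other users on the same host. Fixed in the latest version. https://t.co/UWdn6U4Xja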

    @__kokumoto

    3 Jan 2025

    2811 Impressions

    14 Retweets

    44 Likes

    10 Bookmarks

    0 Replies

    0 Quotes

  6. #Cyberalert 🚨 Critical Vulnerability in iTerm2: CVE-2025-22275 A critical flaw (CVSS 9.3) in iTerm2, a widely used terminal emulator for macOS, has been patched. This vulnerability, tracked as CVE-2025-22275, affects versions 3.5.6 to 3.5.10 (including beta versions). It… http

    @GHak2learn27752

    3 Jan 2025

    207 Impressions

    1 Retweet

    5 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  7. CVE-2025-22275 Sensitive Information Disclosure in iTerm2 via Temporary File Exposure iTerm2 versions from 3.5.6 to 3.5.10, before version 3.5.11, may let remote attackers access sensitive information. This happe... https://t.co/Ae8vgzZc9Q

    @VulmonFeeds

    3 Jan 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-22275 iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file… https://t.co/SnvaCZ6vv1

    @CVEnew

    3 Jan 2025

    595 Impressions

    0 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  9. [CVE-2025-22275: CRITICAL] Vulnerability in iTerm2 versions 3.5.6 to 3.5.10 allows attackers to access sensitive data via /tmp/framer.txt during remote logins in specific Python-installed hosts. Update to 3.5.11 ...#cybersecurity,#vulnerability https://t.co/6vRsxMt5El https://t.c

    @CveFindCom

    3 Jan 2025

    16 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes