diff --git a/CHANGELOG.md b/CHANGELOG.md index 4e99aba..0c98e9a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,11 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [Unreleased] +## [2.0.1] - 2020-04-12 +### Security + +* Escape stty command for SerialStreamCreator to avoid unescaped arguments (#54) ## [2.0.0] - 2020-04-07 diff --git a/src/Network/SerialStreamCreator.php b/src/Network/SerialStreamCreator.php index ad4498f..249c673 100644 --- a/src/Network/SerialStreamCreator.php +++ b/src/Network/SerialStreamCreator.php @@ -55,7 +55,8 @@ public function createStream(BinaryStreamConnection $conn) $device = $conn->getUri(); $sttyModes = implode(' ', $this->sttyModes); - $sttyResult = exec("stty -F ${device} ${sttyModes}"); + $cmd = escapeshellcmd("stty -F ${device} ${sttyModes}"); + $sttyResult = exec($cmd); if ($sttyResult === false) { throw new IOException('stty failed to configure device'); }
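Review bot: In the `SerialStreamCreator.php` hunk, `escapeshellcmd()` is applied to the whole command string, which neutralises shell metacharacters but leaves whitespace and option syntax untouched, so a `$device` value from `$conn->getUri()` containing a space is still split into additional `stty` arguments. Quoting each argument closes that gap: `$cmd = 'stty -F ' . escapeshellarg($device) . ' ' . implode(' ', array_map('escapeshellarg', $this->sttyModes));`, assuming every entry of `$this->sttyModes` is a single token, which the hunk does not show. Separately, the unchanged `$sttyResult === false` check will probably not catch a failing `stty`, because `exec()` returns the last line of output rather than the exit status. Capturing the status with `exec($cmd, $output, $exitCode);` and testing `if ($exitCode !== 0)` would make the `IOException` fire when configuration actually fails. The body of `createStream` starts and ends outside the hunk, so whether the URI is validated earlier cannot be confirmed from here.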