Logic Issue in iTunes for Windows Enables Elevated Privileges
CVE-2023-32351

7.8HIGH

Key Information:

Vendor: Apple
Status: Itunes For Windows
Vendor: CVE Published:; 23 June 2023

Summary

A logic issue in iTunes for Windows has been identified, which may allow an application to gain elevated privileges. This vulnerability was addressed with improved checks in the latest update, iTunes 12.12.9 for Windows. It is essential for users to update their software to prevent potential exploitation.

Affected Version(s)

iTunes for Windows < 12.12

References

https://support.apple.com/en-us/HT213763

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 23, 2023
Vulnerability Reserved
May 8, 2023