PT-2023-2912 · Apple · Itunes

Ycdxsb

Publicado

2023-05-23

Atualizado

2024-12-05

CVE-2023-32351

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions iTunes versions prior to 12.12.9 for Windows

Description The issue is related to a logic problem that has been addressed with improved checks. It may allow an app to gain elevated privileges, potentially enabling an attacker to increase their privileges.

Recommendations For versions prior to 12.12.9, update to iTunes 12.12.9 for Windows to resolve the issue.

Correção

Improper Access Control

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-276CWE-264

Identificadores relacionados

BDU:2023-02877

CVE-2023-32351

Produtos afetados

Itunes

PT-2023-2912 · Apple · Itunes

CVE-2023-32351

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8