CVE-2020-27895

Name of the Vulnerable Software and Affected Versions iTunes versions prior to 12.11 for Windows

Description An information disclosure issue existed in the transition of program state, which could allow a malicious application to access local users' Apple IDs. This issue was addressed with improved state handling.

Recommendations For versions prior to 12.11, update to iTunes 12.11 for Windows to resolve the issue. As a temporary workaround, consider restricting access to sensitive user information until the update is applied.