PT-2023-2912 · Apple · Itunes

Ycdxsb

Published

2023-05-23

Updated

2024-12-05

CVE-2023-32351

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions iTunes versions prior to 12.12.9 for Windows

Description The issue is related to a logic problem that has been addressed with improved checks. It may allow an app to gain elevated privileges, potentially enabling an attacker to increase their privileges.

Recommendations For versions prior to 12.12.9, update to iTunes 12.12.9 for Windows to resolve the issue.

Fix

Improper Access Control

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-276CWE-264

Related Identifiers

BDU:2023-02877

CVE-2023-32351

Affected Products

Itunes

PT-2023-2912 · Apple · Itunes

CVE-2023-32351

Weakness Enumeration

Related Identifiers

Affected Products

References · 8