PT-2024-13064 · Apple · Itunes

Gee Sung

·

Published

2024-03-14

·

Updated

2025-03-28

·

CVE-2023-42938

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions iTunes version 12.13.1 and earlier
Description A logic issue was addressed with improved checks, allowing a local attacker to potentially elevate their privileges.
Recommendations For versions prior to 12.13.1, update to iTunes 12.13.1 for Windows to resolve the issue.

Fix

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-693

Related Identifiers

CVE-2023-42938

Affected Products

Itunes