Published: 23/06/2023 Updated: 27/07/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple itunes

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...

Proof of Concept Code for CVE-2023-32353: Local privilege escalation via iTunes in Windows

CVE-2023-32353 Proof of Concept Disclaimer This proof of concept code is published for educational purposes It should encourage other people to find similar vulnerabilities, report them responsibly and fix them On May 23, 2023, Apple has published a fix for the vulnerability You are encouraged to update iTunes to the latest version (at least 12129) I did not find this CV

NVD-CWE-noinfo https://support.apple.com/en-us/HT213763 https://nvd.nist.gov https://github.com/86x/CVE-2023-32353-PoC https://support.apple.com/kb/HT213763

CVE-2023-32353

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect