CVE-2024-44193

CWE-2814 documents4 sources
Severity
7.8HIGH
EPSS
2.3%
top 15.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Itunes FOR WindowsApple Itunes
Timeline
PublishedOct 2

Description

A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5apple/itunes_for_windows< 12.13.3
NVDapple/itunes< 12.13.3

🔴Vulnerability Details

2
GHSA
GHSA-72cp-q9j9-fhvh: A logic issue was addressed with improved restrictions2024-10-02
CVEList
CVE-2024-44193: A logic issue was addressed with improved restrictions2024-10-02

📋Vendor Advisories

1
Apple
CVE-2024-44193: iTunes 12.13.3 for Windows2024-09-12
CVE-2024-44193 (HIGH CVSS 7.8) | A logic issue was addressed with im | cvebase.io