Vulnerability in Apple Itunes For Windows

CVE-2023-32351

A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges.

EPSS: 0.001 (22.4th percentile) — read the EPSS interpretation.

Affected products

Apple Itunes For Windows — versions unspecified

Public proof-of-concept exploits

ycdxsb/ycdxsb

References

support.apple.com/en-us/HT213763

Frequently asked questions

What is CVE-2023-32351?: CVE-2023-32351 is a vulnerability in Apple Itunes For Windows. Published 2023-06-23.
Is CVE-2023-32351 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.