CVE-2024-44193

Published Oct 2, 2024

Last updated 3 months ago

CVSS high 7.8

Overview

Description: A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.
Source: product-security@apple.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Critical iTunes Vulnerability CVE-2024-44193: Risks & Remedies for Windows Users https://t.co/lgPgSBNtlQ
@windowsforum
3 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Обладатели устройств на Windows: срочно обновите iTunes до версии 12.13.3 или выше! Недавняя уязвимость CVE-2024-44193 позволяет злоумышленникам получить админ-доступ к вашему ПК. Не упустите шанс защитить свои данные и устройства! 😊🔒
@levpn_ru
3 Nov 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 iTunes for Windows users, update ASAP! 🚨 A vulnerability (CVE-2024-44193) allows attackers to escalate privileges, potentially compromising systems. Ensure your iTunes is updated to version 12.13.3 or later to protect your data and privacy. Stay safe! 💻🔒 https://t.co/a3jS4O
@LeVPN
3 Nov 2024
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-35250: Windows 11 Kernel-Mode Driver EoP/LPE https://t.co/UxEoBwWNoA 2. CVE-2024-44193: iTunes for Windows - LPE https://t.co/C3p0B828YB 3. CVE-2024-9464: Palo Alto Expedition Authenticated CI https://t.co/5OPNnJ7NGY
@42mayfly
21 Oct 2024
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#exploit 1. CVE-2024-35250: Windows 11 Kernel-Mode Driver EoP/LPE https://t.co/JCHRLHXVib 2. CVE-2024-44193: iTunes for Windows - LPE https://t.co/se0HV2pUtI 3. CVE-2024-9464: Palo Alto Expedition Authenticated CI https://t.co/G5lQTBLjx8
@airacaaaa
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1. CVE-2024-35250: Windows 11 Kernel-Mode Driver EoP/LPE https://t.co/vCoFWg4cK2 2. CVE-2024-44193: iTunes for Windows - LPE https://t.co/TaEcUZybXC 3. CVE-2024-9464: Palo Alto Expedition Authenticated CI https://t.co/nZDbcw79y5
@ShaiiikShoaiiib
71 Impressions
0 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "412B31BD-4C6E-49D3-800B-D1FC41A72E67",
            "versionEndExcluding": "12.13.3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2024-44193
https://support.apple.com/en-us/121328

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References