9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.021 Low
EPSS
Percentile
89.0%
03/24/2020
Warning
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information, perform cross-site scripting attack.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Apple iTunes earlier than 12.10.5
Update to the latest version
Download iTunes
About the security content of iTunes 12.10.5 for Windows
ACE
CVE-2020-97836.8High
CVE-2020-39097.5Critical
CVE-2020-39107.5Critical
CVE-2020-38874.3Warning
CVE-2020-38959.3Critical
CVE-2020-38942.6Warning
CVE-2020-39016.8High
CVE-2020-38999.3Critical
CVE-2020-39006.8High
CVE-2020-38979.3Critical
CVE-2020-39024.3Warning
CVE-2020-38854.3Warning
CVE-2020-39117.5Critical
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3885
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3887
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3900
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3901
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3902
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3909
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3910
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3911
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9783
statistics.securelist.com/vulnerability-scan/month
support.apple.com/kb/HT211105
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Apple-iTunes/
www.apple.com/itunes/download/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.021 Low
EPSS
Percentile
89.0%