CVE-2024-44193

HIGH

iTunes <12.13.3 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-44193. PoCs published by mbog14.

AI-analyzed exploit summary: This repository provides a detailed technical analysis of CVE-2024-44193, a local privilege escalation vulnerability in iTunes 12.13.2.3. The vulnerability arises from improper permission management in the `C:\ProgramData\Apple\*` path, allowing unprivileged users to exploit arbitrary file deletion via NTFS junctions to achieve SYSTEM privileges.

Description

A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.

Exploits (1)

nomisec WRITEUP 98 stars
by mbog14 · poc
https://github.com/mbog14/CVE-2024-44193

Classification: Writeup 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: iTunes 12.13.2.3 (AppleMobileDeviceService.exe)
Auth required
Prerequisites: iTunes 12.13.2.3 installed · Unprivileged user access · Ability to restart AppleMobileDeviceService.exe
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3 7.8
EPSS 0.0040
EPSS Percentile 31.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-281
Status published
Products (2)
apple/itunes < 12.13.3
Apple/iTunes for Windows < 12.13.3
Published Oct 02, 2024
Tracked Since Feb 18, 2026