A new arbitrary code execution vulnerability has been discovered in iTunes that could allow a threat actor to perform malicious activities.
This vulnerability has been assigned with CVE-2024-27793 and the severity is yet to be categorized.
Apple has released a security advisory for addressing this vulnerability which also specified that “Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available”
https://cybersecuritynews.com/itunes-wi ... rity-flaw/