Monthly
Privilege escalation vulnerability in Parallels Desktop for Mac version 20.1.1 (build 55740) where the snapshot functionality allows a local attacker with user-level privileges to write arbitrary files via hard link exploitation of a root-owned process. An attacker can leverage this to escalate privileges from a normal user to root, potentially achieving full system compromise. The vulnerability has a CVSS score of 7.8 (high severity) and requires local access with low complexity.
Privilege escalation vulnerability in Parallels Desktop for Mac 20.1.1 that allows a local attacker with user-level privileges to gain root-level code execution through a hard link attack during virtual machine archive restoration. The prl_vmarchiver tool operates with root privileges during decompression and file restoration, enabling an attacker to redirect writes to arbitrary system files. This vulnerability has a CVSS score of 7.8 (High) with low attack complexity, making it a practical privilege escalation vector for local users on affected systems.
Privilege escalation vulnerability in Parallels Desktop for Mac version 20.1.1 (build 55740) where the snapshot functionality allows a local attacker with user-level privileges to write arbitrary files via hard link exploitation of a root-owned process. An attacker can leverage this to escalate privileges from a normal user to root, potentially achieving full system compromise. The vulnerability has a CVSS score of 7.8 (high severity) and requires local access with low complexity.
Privilege escalation vulnerability in Parallels Desktop for Mac 20.1.1 that allows a local attacker with user-level privileges to gain root-level code execution through a hard link attack during virtual machine archive restoration. The prl_vmarchiver tool operates with root privileges during decompression and file restoration, enabling an attacker to redirect writes to arbitrary system files. This vulnerability has a CVSS score of 7.8 (High) with low attack complexity, making it a practical privilege escalation vector for local users on affected systems.